Add different roles for resources in same apigroups in kubernetes

Tanul 1,246 Reputation points
2023-08-02T16:17:34.61+00:00

Hello,

I need to define different roles for pods/log and namespaces.. Does this syntax works:-

- apiGroups: [""] 
  resources:
    - pods   
  verbs:
    - create
    - delete
    - get
    - list
  resources:
    - pods/log
    - namespaces
  verbs:
    - get
    - list

I tried running this.. But the last section of resources overwritten the pods section and its verbs.

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,781 questions
0 comments No comments
{count} votes

Accepted answer
  1. shiva patpi 12,961 Reputation points Microsoft Employee
    2023-08-02T23:59:01.1833333+00:00

    @Tanul ,

    Can you try out the below YAML:

    apiVersion: rbac.authorization.k8s.io/v1
    kind: Role
    metadata:
      namespace: default
      name: rbac
    rules:
    - apiGroups: [""]
      resources:
        - pods   
      verbs:
        - create
        - delete
        - get
        - list
    - apiGroups: [""]
      resources:
        - pods/log
        - namespaces
      verbs:
        - get
        - list
    
    0 comments No comments

0 additional answers

Sort by: Most helpful