Winkee
Reputation: 61
How to check what role/clusterrole a serviceaccount is bound to?
We all know that kubectl auth can-i <verb> <resource> --as=system:serviceaccount:<namespace>:<serviceaccountname> [-n <namespace>] can be used to check if a serviceaccount has a specific permission, but is there a way that I can check what rol/clusterrole a serriceaccount is bound to?
Upvotes: 0
Views: 238
Answers (1)
Techiescorner
Reputation: 811
kubectl get rolebindings,clusterrolebindings \
--all-namespaces \
-o custom-columns='KIND:kind,NAMESPACE:metadata.namespace,NAME:metadata.name,SERVICE_ACCOUNTS:subjects[?(@.kind=="ServiceAccount")].name' | grep "<SERVICE_ACCOUNT_NAME>"
Upvotes: 2
Related Questions
- Kubernetes check serviceaccount permissions
- How to view the permissions/roles associated with a specific service account in k8s?
- Cannot list or delete ClusterRole or ClusterRoleBinding with a Kubernetes ServiceAccount
- Binding a ClusterRoleBind subject:ServiceAccount
- Is there a way to find the RoleBinding/ClusterRoleBinding related to a serviceAccount?
- Rolebinding with ClusterRole is not restricted to namespace when using a ServiceAccount
- How to find which role or clusterrole binded to a service account in Kubernetes?
- Get serviceaccount info according to its corresponding token in kubernetes?
- How to create a role to ServiceAccount with context
- Get clusterrolebindings for an account?