rbac.authorization.k8s.io/v1
·RoleBinding
RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.
Click on Property Name to show the description, and Pink Types to expand schema.
Required properties are marked with *
Change History
Kubernetes v1.32
Kubernetes v1.31
Kubernetes v1.30
Kubernetes v1.29
Kubernetes v1.28
1 property has changed the description
- .roleRef
Kubernetes v1.27
7 properties have changed the description
- .metadata.annotations
- .metadata.labels
- .metadata.name
- .metadata.namespace
- .metadata.ownerReferences.name
- .metadata.ownerReferences.uid
- .metadata.uid
Kubernetes v1.26
Kubernetes v1.25
1 property has been removed on this version
- .metadata.clusterName
Kubernetes v1.24
5 properties have changed the description
- .metadata.clusterName
- .metadata.generateName
- .metadata.managedFields.time
- .metadata.ownerReferences.blockOwnerDeletion
- .metadata.selfLink
Kubernetes v1.23
Kubernetes v1.22
1 property has been added on this version
- .metadata.managedFields.subresource
Kubernetes v1.21
Kubernetes v1.20
Kubernetes v1.19
1 property has changed the description
- .metadata.namespace
Kubernetes v1.18
Kubernetes v1.17
1 property has changed the description
- .metadata.finalizers
Kubernetes v1.16
2 properties have been added on this version
- .metadata.managedFields.fieldsType
- .metadata.managedFields.fieldsV1
2 properties have been removed on this version
- .metadata.initializers
- .metadata.managedFields.fields
9 properties have changed the description
- .apiVersion
- .kind
- .metadata.creationTimestamp
- .metadata.deletionTimestamp
- .metadata.generateName
- .metadata.managedFields
- .metadata.ownerReferences.kind
- .metadata.resourceVersion
- .metadata.selfLink
Kubernetes v1.15
1 property has been added on this version
- .metadata.initializers.result.metadata.remainingItemCount
Kubernetes v1.14
1 property has been added on this version
- .metadata.managedFields
1 property has changed the description
- .metadata.initializers
Kubernetes v1.13
Kubernetes v1.12
1 property has changed the description
- .metadata.initializers.result.metadata.continue
Kubernetes v1.11
Examples
There are 4 examples of RoleBinding that you can use as a starting point to create your own.
apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: pod-reader-role-binding-alice namespace: dev # RoleBinding is a namespaced resource roleRef: apiGroup: rbac.authorization.k8s.io name: pod-reader-role-alice kind: Role subjects: - kind: User name: Alice namespace: dev
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: pod-reader-role-binding-svc-acct
namespace: test
roleRef:
apiGroup: rbac.authorization.k8s.io
name: pod-reader-role-svc-acct
kind: Role
subjects:
- kind: ServiceAccount
name: test-sa
namespace: test
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: restricted-secret-reader
namespace: test
roleRef:
apiGroup: rbac.authorization.k8s.io
name: secret-reader
kind: ClusterRole
subjects:
- kind: ServiceAccount
name: test-sa
namespace: test
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: test-pod-reader-rb
namespace: test
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: pod-reader-role-svc-acct
subjects:
- apiGroup: ""
kind: ServiceAccount
name: dev-sa
namespace: dev