RBAC
这些标签会导致生成一个 RBAC 的 ClusterRole。这可以让您描述控制器所需要的权限,以及使用这些权限的代码。
- kubebuilder:rbac
- groups
- string
- namespace
- string
- resourceNames
- string
- resources
- string
- urls
- string
- verbs
- string
specifies an RBAC rule to all access to some resources or non-resource URLs.
- groups
- string
specifies the API groups that this rule encompasses.
- namespace
- string
specifies the scope of the Rule. If not set, the Rule belongs to the generated ClusterRole. If set, the Rule belongs to a Role, whose namespace is specified by this field.
- resourceNames
- string
specifies the names of the API resources that this rule encompasses.
Create requests cannot be restricted by resourcename, as the object‘s name is not known at authorization time.
- resources
- string
specifies the API resources that this rule encompasses.
- urls
- string
URL specifies the non-resource URLs that this rule encompasses.
- verbs
- string
specifies the (lowercase) kubernetes API verbs that this rule encompasses.