如何从 k8s 中的服务帐户取消绑定 role/cluster 角色
how to unbind a role/cluster role from a service account in k8s
对于默认服务帐户,我已经为集群角色创建集群角色绑定=cluster-admin
使用下面的 kubectl 命令
kubectl create clusterrolebinding add-on-cluster-admin --clusterrole=cluster-admin --serviceaccount=rbac-test:default
cluster-admin 角色绑定到默认服务帐户。
如何重新绑定服务账号?
当您 运行 您的 kubectl 命令时,它会创建以下对象:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
name: add-on-cluster-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: default
namespace: rbac-test
您应该能够删除该对象:
kubectl delete clusterrolebinding add-on-cluster-admin
对于默认服务帐户,我已经为集群角色创建集群角色绑定=cluster-admin
使用下面的 kubectl 命令
kubectl create clusterrolebinding add-on-cluster-admin --clusterrole=cluster-admin --serviceaccount=rbac-test:default
cluster-admin 角色绑定到默认服务帐户。
如何重新绑定服务账号?
当您 运行 您的 kubectl 命令时,它会创建以下对象:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
creationTimestamp: null
name: add-on-cluster-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: default
namespace: rbac-test
您应该能够删除该对象:
kubectl delete clusterrolebinding add-on-cluster-admin