Skip to content

Instantly share code, notes, and snippets.

@agentmilindu

agentmilindu/clusterolebindings

Created February 27, 2020 16:31
Show Gist options
  • Save agentmilindu/aec92f73e8598bd3eb7c30d441c03165 to your computer and use it in GitHub Desktop.
Save agentmilindu/aec92f73e8598bd3eb7c30d441c03165 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
clusterolebindings
Name: aws-node
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRoleBinding","metadata":{"annotations":{},"name":"aws-node"},"roleRef":{"apiGr...
Role:
Kind: ClusterRole
Name: aws-node
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount aws-node kube-system
Name: cluster-admin
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: cluster-admin
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:masters
Name: eks:fargate-manager
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRoleBinding","metadata":{"annotations":{},"name":"eks:fargate-manager"},"roleR...
Role:
Kind: ClusterRole
Name: eks:fargate-manager
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:fargate-manager
Name: eks:kube-proxy
Labels: eks.amazonaws.com/component=kube-proxy
k8s-app=kube-proxy
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRoleBinding","metadata":{"annotations":{},"labels":{"eks.amazonaws.com/compone...
Role:
Kind: ClusterRole
Name: system:node-proxier
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount kube-proxy kube-system
Name: eks:kube-proxy-fargate
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRoleBinding","metadata":{"annotations":{},"name":"eks:kube-proxy-fargate"},"ro...
Role:
Kind: ClusterRole
Name: system:node-proxier
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:node-proxier
Name: eks:kube-proxy-windows
Labels: eks.amazonaws.com/component=kube-proxy
k8s-app=kube-proxy
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"rbac.authorization.k8s.io/v1beta1","kind":"ClusterRoleBinding","metadata":{"annotations":{},"labels":{"eks.amazonaws.com/co...
Role:
Kind: ClusterRole
Name: system:node-proxier
Subjects:
Kind Name Namespace
---- ---- ---------
Group eks:kube-proxy-windows
Name: eks:node-bootstrapper
Labels: eks.amazonaws.com/component=node
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRoleBinding","metadata":{"annotations":{},"labels":{"eks.amazonaws.com/compone...
Role:
Kind: ClusterRole
Name: eks:node-bootstrapper
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:bootstrappers
Group system:nodes
Name: eks:node-manager
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRoleBinding","metadata":{"annotations":{},"name":"eks:node-manager"},"roleRef"...
Role:
Kind: ClusterRole
Name: eks:node-manager
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:node-manager
Name: eks:podsecuritypolicy:authenticated
Labels: eks.amazonaws.com/component=pod-security-policy
kubernetes.io/cluster-service=true
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRoleBinding","metadata":{"annotations":{"kubernetes.io/description":"Allow all...
kubernetes.io/description: Allow all authenticated users to create privileged pods.
Role:
Kind: ClusterRole
Name: eks:podsecuritypolicy:privileged
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:authenticated
Name: spinnaker-admin
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRoleBinding","metadata":{"annotations":{},"name":"spinnaker-admin"},"roleRef":...
Role:
Kind: ClusterRole
Name: cluster-admin
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount spinnaker-service-account spinnaker
Name: system:aws-cloud-provider
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:aws-cloud-provider
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount aws-cloud-provider kube-system
Name: system:basic-user
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:basic-user
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:authenticated
Name: system:controller:attachdetach-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:attachdetach-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount attachdetach-controller kube-system
Name: system:controller:certificate-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:certificate-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount certificate-controller kube-system
Name: system:controller:clusterrole-aggregation-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:clusterrole-aggregation-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount clusterrole-aggregation-controller kube-system
Name: system:controller:cronjob-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:cronjob-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount cronjob-controller kube-system
Name: system:controller:daemon-set-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:daemon-set-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount daemon-set-controller kube-system
Name: system:controller:deployment-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:deployment-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount deployment-controller kube-system
Name: system:controller:disruption-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:disruption-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount disruption-controller kube-system
Name: system:controller:endpoint-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:endpoint-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount endpoint-controller kube-system
Name: system:controller:expand-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:expand-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount expand-controller kube-system
Name: system:controller:generic-garbage-collector
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:generic-garbage-collector
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount generic-garbage-collector kube-system
Name: system:controller:horizontal-pod-autoscaler
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:horizontal-pod-autoscaler
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount horizontal-pod-autoscaler kube-system
Name: system:controller:job-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:job-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount job-controller kube-system
Name: system:controller:namespace-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:namespace-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount namespace-controller kube-system
Name: system:controller:node-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:node-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount node-controller kube-system
Name: system:controller:persistent-volume-binder
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:persistent-volume-binder
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount persistent-volume-binder kube-system
Name: system:controller:pod-garbage-collector
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:pod-garbage-collector
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount pod-garbage-collector kube-system
Name: system:controller:pv-protection-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:pv-protection-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount pv-protection-controller kube-system
Name: system:controller:pvc-protection-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:pvc-protection-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount pvc-protection-controller kube-system
Name: system:controller:replicaset-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:replicaset-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount replicaset-controller kube-system
Name: system:controller:replication-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:replication-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount replication-controller kube-system
Name: system:controller:resourcequota-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:resourcequota-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount resourcequota-controller kube-system
Name: system:controller:route-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:route-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount route-controller kube-system
Name: system:controller:service-account-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:service-account-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount service-account-controller kube-system
Name: system:controller:service-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:service-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount service-controller kube-system
Name: system:controller:statefulset-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:statefulset-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount statefulset-controller kube-system
Name: system:controller:ttl-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:ttl-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount ttl-controller kube-system
Name: system:coredns
Labels: eks.amazonaws.com/component=coredns
k8s-app=kube-dns
kubernetes.io/bootstrapping=rbac-defaults
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRoleBinding","metadata":{"annotations":{"rbac.authorization.kubernetes.io/auto...
rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:coredns
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount coredns kube-system
Name: system:discovery
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:discovery
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:authenticated
Name: system:kube-controller-manager
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:kube-controller-manager
Subjects:
Kind Name Namespace
---- ---- ---------
User system:kube-controller-manager
Name: system:kube-dns
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:kube-dns
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount kube-dns kube-system
Name: system:kube-scheduler
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:kube-scheduler
Subjects:
Kind Name Namespace
---- ---- ---------
User system:kube-scheduler
Name: system:node
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:node
Subjects:
Kind Name Namespace
---- ---- ---------
Name: system:node-proxier
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:node-proxier
Subjects:
Kind Name Namespace
---- ---- ---------
User system:kube-proxy
Name: system:public-info-viewer
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:public-info-viewer
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:authenticated
Group system:unauthenticated
Name: system:volume-scheduler
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:volume-scheduler
Subjects:
Kind Name Namespace
---- ---- ---------
User system:kube-scheduler
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment