/cluster_role_diff.sh-session
Created Feb 6, 2019
k8s role expander
| kubectl get clusterroles admin --output=json | jq '.rules | map(. as $rule | .apiGroups | map(. as $apiGroup | $rule.resources | map(. as $resource | $rule.verbs | map(. as $verb | $apiGroup + ":" + $resource + ":" + $verb)))) | flatten | sort' > /tmp/admin.json | |
| kubectl get clusterroles edit --output=json | jq '.rules | map(. as $rule | .apiGroups | map(. as $apiGroup | $rule.resources | map(. as $resource | $rule.verbs | map(. as $verb | $apiGroup + ":" + $resource + ":" + $verb)))) | flatten | sort' > /tmp/edit.json | |
| kubectl get clusterroles view --output=json | jq '.rules | map(. as $rule | .apiGroups | map(. as $apiGroup | $rule.resources | map(. as $resource | $rule.verbs | map(. as $verb | $apiGroup + ":" + $resource + ":" + $verb)))) | flatten | sort' > /tmp/view.json | |
| vimdiff /tmp/edit.json /tmp/admin.json | |
| vimdiff /tmp/view.json /tmp/edit.json |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment