Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
k8s role expander
kubectl get clusterroles admin --output=json | jq '.rules | map(. as $rule | .apiGroups | map(. as $apiGroup | $rule.resources | map(. as $resource | $rule.verbs | map(. as $verb | $apiGroup + ":" + $resource + ":" + $verb)))) | flatten | sort' > /tmp/admin.json
kubectl get clusterroles edit --output=json | jq '.rules | map(. as $rule | .apiGroups | map(. as $apiGroup | $rule.resources | map(. as $resource | $rule.verbs | map(. as $verb | $apiGroup + ":" + $resource + ":" + $verb)))) | flatten | sort' > /tmp/edit.json
kubectl get clusterroles view --output=json | jq '.rules | map(. as $rule | .apiGroups | map(. as $apiGroup | $rule.resources | map(. as $resource | $rule.verbs | map(. as $verb | $apiGroup + ":" + $resource + ":" + $verb)))) | flatten | sort' > /tmp/view.json
vimdiff /tmp/edit.json /tmp/admin.json
vimdiff /tmp/view.json /tmp/edit.json
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.