Role Binding#
A role binding grants the permissions defined in a role to a user or set of users.
It holds a list of subjects (users or teams) and a reference to the role being granted. A RoleBinding
grants permissions within a specific project whereas a GlobalRoleBinding
grants that access global-wide.
A RoleBinding
may reference any Role
in the same project. Similarly, a GlobalRoleBinding
can reference any GlobalRole
.
Choose a scope#
There are two different scopes in which you can define a RoleBinding, depending on the role scope.
- for GlobalRole, use GlobalRoleBinding
- for Role, use RoleBinding
Project level#
In case you would like to set a role binding for a Role, you will need to create a RoleBinding
.
Global level#
In case you would like to set a role binding for a GlobalRole , you will need to create a GlobalRoleBinding
.
RoleBinding specification#
# Name of the Role or GlobalRole concerned by the role binding (metadata.name)
role: <string>
# Subjects that will inherit permissions from the role
subjects:
- <Subject specification>
Subject specification#
# The type of the subject. For example: `User`
kind: <string>
# The name of the subject (metadata.name)
name: <string>
More info about authorization#
Please look at the documentation to know more about permissions and role bindings.
API definition#
RoleBinding
#
Get a list of RoleBinding
#
URL query parameters:
- name =
<string>
: should be used to filter the list of RoleBindings based on the prefix name.
Example:
The following query should return an empty list or a list containing roleBindings.
Get a single RoleBinding
#
Create a single RoleBinding
#
Update a single RoleBinding
#
Delete a single RoleBinding
#
GlobalRoleBinding
#
Get a list of GlobalRoleBinding
#
URL query parameters:
- name =
<string>
: should be used to filter the list of RoleBinding based on the prefix name.
Example:
The following query should return an empty list or a list containing global rolebindings.