Kubernetes 101 : Role-based access control aggregation - RBAC - rules
We can combine different ClusterRoles through the use of labels.
The ClusterRole "pods" allows us to list pods, the ClusterRole
"services" allows to list services.
The below Yaml file describes the ClusterRole named "pods" for listing pods:
The below Yaml file describes the ClusterRole named "services" for listing services:
To combine the above ClusterRoles, we can specify an aggregationRule which describes the labels for these ClusterRoles:
The rule field will have all the ClusterRoles that match the labels in the matchLabels field.
We could check our ClusterRole using the below command: