Repositories
Authorization Resources
Published by: Kubernetes0Updated

Kubernetes Authorization Resources are components that control access to the Kubernetes API and cluster resources, primarily using Role-Based Access Control (RBAC). These resources include Roles, ClusterRoles, RoleBindings, and ClusterRoleBindings, which work together to define and enforce fine-grained access policies for users, groups, and service accounts within a Kubernetes cluster.

Authorization Resources

Kubernetes Authorization Resources are components that regulate access to the Kubernetes API and cluster resources, primarily using Role-Based Access Control (RBAC).

This repository offers customizable configurations to help you generate your own setup. While Kubernetes has released multiple development versions, such as v1alpha1, v1beta1, and others, in Configfacets, the initial templates are derived from Kubernetes v1 release. Check templates section below to playaround with live examples.

Examples

Resources

ResourceDescriptionTemplates
ClusterRoleDefines permissions for actions on cluster-wide resources or all namespaces.v1
ClusterRoleBindingGrants permissions defined in a ClusterRole to a user, group, or service account at the cluster level.v1
RoleDefines a set of permissions within a specific namespace, restricting access to namespaced resources.v1
RoleBindingAssigns a Role’s permissions to a user, group, or service account within a specific namespace.v1

Integrations

Below are examples of integrations that utilize Kubernetes Authorization resources:

Cert Manager - Adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and using those certificates.

Contributions

Permissions

Below are Configfacets Permissions overview and Kubernetes Organization structure.

Overview

A repository can be created under an Organization, Team, or User, with permissions inherited from the parent entity. An Admin role at the parent level grants admin privileges across all repositories and resources within it. In contrast, a Member role at the parent level, by default, has view access to private repositories and their resources but can be granted elevated permissions (such as Admin) for a specific repository. For more details, refer to the Configfacets Authorization documentation.

Kubernetes Organization

TeamDescription
ResourcesThe Kubernetes resources team will work on creating and managing configurations for Kubernetes resources, including workload resources, networking, storage and more. All resource repositories are organized under the Resources team hierarchy.
MaintainersKubernetes Maintainers team gets admin privileges all across Kubernetes organization.
CollaboratorsMembers of the Collaborators team receive Collaborator permissions, allowing them to edit resources in all repositories.

If you'd like to contribute to the Authorization Resources repository, you can request Collaborator permission specific to this repository or join the Maintainers or Collaborators team.

Please reach out to us through our Discord community for permissions.

Releases

TypeDescription
ReleasedVersions in this state are finalized and cannot be modified by collaborators. They can be safely used as dependencies in repositories, ensuring stability for associated resources such as data, collections, configurations, services, and endpoints.
Under DevelopmentThese versions are still being actively worked on and may change without prior notice. Using them as dependencies should be done with caution, as resources within them, including configurations and services, are subject to updates.
ArchivedArchived versions are no longer supported, and resource modifications are disabled. They cannot be newly added as dependencies, but any previously included versions will continue to function as they were..