1KUBERNETES(1)(kubernetes)                            KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7

NAME

9       kubectl create clusterrolebinding - Create a cluster role binding for a
10       particular cluster role
11
12
13

SYNOPSIS

15       kubectl create clusterrolebinding [OPTIONS]
16
17
18

DESCRIPTION

20       Create a cluster role binding for a particular cluster role.
21
22
23

OPTIONS

25       --allow-missing-template-keys=true      If true, ignore any  errors  in
26       templates  when a field or map key is missing in the template. Only ap‐
27       plies to golang and jsonpath output formats.
28
29
30       --clusterrole=""      ClusterRole this ClusterRoleBinding should refer‐
31       ence
32
33
34       --dry-run="none"       Must be "none", "server", or "client". If client
35       strategy, only print the object that would be sent, without sending it.
36       If  server  strategy, submit server-side request without persisting the
37       resource.
38
39
40       --field-manager="kubectl-create"      Name of the manager used to track
41       field ownership.
42
43
44       --group=[]       Groups to bind to the clusterrole. The flag can be re‐
45       peated to add multiple groups.
46
47
48       -o, --output=""      Output format. One of: (json, yaml, name,  go-tem‐
49       plate, go-template-file, template, templatefile, jsonpath, jsonpath-as-
50       json, jsonpath-file).
51
52
53       --save-config=false      If true, the configuration of  current  object
54       will  be saved in its annotation. Otherwise, the annotation will be un‐
55       changed. This flag is useful when you want to perform kubectl apply  on
56       this object in the future.
57
58
59       --serviceaccount=[]       Service  accounts to bind to the clusterrole,
60       in the format :. The flag can be repeated to add multiple  service  ac‐
61       counts.
62
63
64       --show-managed-fields=false       If  true, keep the managedFields when
65       printing objects in JSON or YAML format.
66
67
68       --template=""      Template string or path to template file to use when
69       -o=go-template, -o=go-template-file. The template format is golang tem‐
70       plates [http://golang.org/pkg/text/template/#pkg-overview].
71
72
73       --validate="strict"      Must be one of: strict (or true), warn, ignore
74       (or false).            "true" or "strict" will use a schema to validate
75       the input and fail the request if invalid. It will perform server  side
76       validation  if  ServerSideFieldValidation is enabled on the api-server,
77       but will fall back to less  reliable  client-side  validation  if  not.
78                 "warn"  will  warn  about unknown or duplicate fields without
79       blocking the request if server-side field validation is enabled on  the
80       API  server,  and  behave  as "ignore" otherwise.            "false" or
81       "ignore" will not perform any schema validation, silently dropping  any
82       unknown or duplicate fields.
83
84
85

OPTIONS INHERITED FROM PARENT COMMANDS

87       --as=""      Username to impersonate for the operation. User could be a
88       regular user or a service account in a namespace.
89
90
91       --as-group=[]      Group to impersonate for the  operation,  this  flag
92       can be repeated to specify multiple groups.
93
94
95       --as-uid=""      UID to impersonate for the operation.
96
97
98       --azure-container-registry-config=""       Path  to the file containing
99       Azure container registry configuration information.
100
101
102       --cache-dir="/builddir/.kube/cache"      Default cache directory
103
104
105       --certificate-authority=""      Path to a cert file for the certificate
106       authority
107
108
109       --client-certificate=""      Path to a client certificate file for TLS
110
111
112       --client-key=""      Path to a client key file for TLS
113
114
115       --cluster=""      The name of the kubeconfig cluster to use
116
117
118       --context=""      The name of the kubeconfig context to use
119
120
121       --insecure-skip-tls-verify=false      If true, the server's certificate
122       will not be checked for validity. This will make your HTTPS connections
123       insecure
124
125
126       --kubeconfig=""       Path  to  the  kubeconfig file to use for CLI re‐
127       quests.
128
129
130       --match-server-version=false       Require  server  version  to   match
131       client version
132
133
134       -n,  --namespace=""       If  present, the namespace scope for this CLI
135       request
136
137
138       --password=""      Password for basic authentication to the API server
139
140
141       --profile="none"        Name   of   profile   to   capture.   One    of
142       (none|cpu|heap|goroutine|threadcreate|block|mutex)
143
144
145       --profile-output="profile.pprof"       Name  of  the  file to write the
146       profile to
147
148
149       --request-timeout="0"      The length of time to wait before giving  up
150       on  a  single  server  request. Non-zero values should contain a corre‐
151       sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
152       out requests.
153
154
155       -s, --server=""      The address and port of the Kubernetes API server
156
157
158       --tls-server-name=""       Server  name  to  use for server certificate
159       validation. If it is not provided, the hostname  used  to  contact  the
160       server is used
161
162
163       --token=""      Bearer token for authentication to the API server
164
165
166       --user=""      The name of the kubeconfig user to use
167
168
169       --username=""      Username for basic authentication to the API server
170
171
172       --version=false      Print version information and quit
173
174
175       --warnings-as-errors=false      Treat warnings received from the server
176       as errors and exit with a non-zero exit code
177
178
179

EXAMPLE

181                # Create a cluster role binding for user1, user2, and group1 using the cluster-admin cluster role
182                kubectl create clusterrolebinding cluster-admin --clusterrole=cluster-admin --user=user1 --user=user2 --group=group1
183
184
185
186

SEE ALSO

188       kubectl-create(1),
189
190
191

HISTORY

193       January 2015, Originally compiled by Eric Paris (eparis at  redhat  dot
194       com)  based  on the kubernetes source material, but hopefully they have
195       been automatically generated since!
196
197
198
199Manuals                              User            KUBERNETES(1)(kubernetes)
Impressum