1KUBERNETES(1)(kubernetes)                            KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7

NAME

9       kubectl  create  rolebinding  -  Create a role binding for a particular
10       role or cluster role
11
12
13

SYNOPSIS

15       kubectl create rolebinding [OPTIONS]
16
17
18

DESCRIPTION

20       Create a role binding for a particular role or cluster role.
21
22
23

OPTIONS

25       --allow-missing-template-keys=true      If true, ignore any  errors  in
26       templates  when a field or map key is missing in the template. Only ap‐
27       plies to golang and jsonpath output formats.
28
29
30       --clusterrole=""      ClusterRole this RoleBinding should reference
31
32
33       --dry-run="none"      Must be "none", "server", or "client". If  client
34       strategy, only print the object that would be sent, without sending it.
35       If server strategy, submit server-side request without  persisting  the
36       resource.
37
38
39       --field-manager="kubectl-create"      Name of the manager used to track
40       field ownership.
41
42
43       --group=[]      Groups to bind to the role. The flag can be repeated to
44       add multiple groups.
45
46
47       -o,  --output=""      Output format. One of: (json, yaml, name, go-tem‐
48       plate, go-template-file, template, templatefile, jsonpath, jsonpath-as-
49       json, jsonpath-file).
50
51
52       --role=""      Role this RoleBinding should reference
53
54
55       --save-config=false       If  true, the configuration of current object
56       will be saved in its annotation. Otherwise, the annotation will be  un‐
57       changed.  This flag is useful when you want to perform kubectl apply on
58       this object in the future.
59
60
61       --serviceaccount=[]      Service accounts to bind to the role,  in  the
62       format :. The flag can be repeated to add multiple service accounts.
63
64
65       --show-managed-fields=false       If  true, keep the managedFields when
66       printing objects in JSON or YAML format.
67
68
69       --template=""      Template string or path to template file to use when
70       -o=go-template, -o=go-template-file. The template format is golang tem‐
71       plates [http://golang.org/pkg/text/template/#pkg-overview].
72
73
74       --user=[]      Usernames to bind to the role. The flag can be  repeated
75       to add multiple users.
76
77
78       --validate="strict"      Must be one of: strict (or true), warn, ignore
79       (or false).            "true" or "strict" will use a schema to validate
80       the  input and fail the request if invalid. It will perform server side
81       validation if ServerSideFieldValidation is enabled on  the  api-server,
82       but  will  fall  back  to  less reliable client-side validation if not.
83                 "warn" will warn about unknown or  duplicate  fields  without
84       blocking  the request if server-side field validation is enabled on the
85       API server, and behave as  "ignore"  otherwise.             "false"  or
86       "ignore"  will not perform any schema validation, silently dropping any
87       unknown or duplicate fields.
88
89
90

OPTIONS INHERITED FROM PARENT COMMANDS

92       --as=""      Username to impersonate for the operation. User could be a
93       regular user or a service account in a namespace.
94
95
96       --as-group=[]       Group  to  impersonate for the operation, this flag
97       can be repeated to specify multiple groups.
98
99
100       --as-uid=""      UID to impersonate for the operation.
101
102
103       --azure-container-registry-config=""      Path to the  file  containing
104       Azure container registry configuration information.
105
106
107       --cache-dir="/builddir/.kube/cache"      Default cache directory
108
109
110       --certificate-authority=""      Path to a cert file for the certificate
111       authority
112
113
114       --client-certificate=""      Path to a client certificate file for TLS
115
116
117       --client-key=""      Path to a client key file for TLS
118
119
120       --cluster=""      The name of the kubeconfig cluster to use
121
122
123       --context=""      The name of the kubeconfig context to use
124
125
126       --disable-compression=false      If true, opt-out of response  compres‐
127       sion for all requests to the server
128
129
130       --insecure-skip-tls-verify=false      If true, the server's certificate
131       will not be checked for validity. This will make your HTTPS connections
132       insecure
133
134
135       --kubeconfig=""       Path  to  the  kubeconfig file to use for CLI re‐
136       quests.
137
138
139       --match-server-version=false       Require  server  version  to   match
140       client version
141
142
143       -n,  --namespace=""       If  present, the namespace scope for this CLI
144       request
145
146
147       --password=""      Password for basic authentication to the API server
148
149
150       --profile="none"        Name   of   profile   to   capture.   One    of
151       (none|cpu|heap|goroutine|threadcreate|block|mutex)
152
153
154       --profile-output="profile.pprof"       Name  of  the  file to write the
155       profile to
156
157
158       --request-timeout="0"      The length of time to wait before giving  up
159       on  a  single  server  request. Non-zero values should contain a corre‐
160       sponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't time‐
161       out requests.
162
163
164       -s, --server=""      The address and port of the Kubernetes API server
165
166
167       --tls-server-name=""       Server  name  to  use for server certificate
168       validation. If it is not provided, the hostname  used  to  contact  the
169       server is used
170
171
172       --token=""      Bearer token for authentication to the API server
173
174
175       --username=""      Username for basic authentication to the API server
176
177
178       --version=false      Print version information and quit
179
180
181       --warnings-as-errors=false      Treat warnings received from the server
182       as errors and exit with a non-zero exit code
183
184
185

EXAMPLE

187                # Create a role binding for user1, user2, and group1 using the admin cluster role
188                kubectl create rolebinding admin --clusterrole=admin --user=user1 --user=user2 --group=group1
189
190                # Create a role binding for serviceaccount monitoring:sa-dev using the admin role
191                kubectl create rolebinding admin-binding --role=admin --serviceaccount=monitoring:sa-dev
192
193
194
195

SEE ALSO

197       kubectl-create(1),
198
199
200

HISTORY

202       January 2015, Originally compiled by Eric Paris (eparis at  redhat  dot
203       com)  based  on the kubernetes source material, but hopefully they have
204       been automatically generated since!
205
206
207
208Manuals                              User            KUBERNETES(1)(kubernetes)
Impressum