rback icon indicating copy to clipboard operation
rback copied to clipboard

Published 20 hours ago verified publisher icon team-soteria

Show directly related ClusterRoles&Bindings when resource not specified

Open luksa opened this issue 5 years ago • 0 comments

Using the example RBAC resources from examples/create-example-rbac-rules.sh, as you would expect, if you run

kubectl rback -n namespace1 sa

rback shows three additional (Cluster)RoleBindings that aren't in namespace1, but reference ServiceAccounts in that namespace.

But if you run

kubectl rback -n namespace1

those three additional (Cluster)RoleBindings aren't shown. IMHO, they should be, since they are all directly related to some resources in namespace1. When you don't specify a resource kind, but do specify a namespace, rback should show all RBAC resources from namespace1 plus all directly related resources (from any other namespace or cluster-scope).

It should show:

  • all (Cluster)RoleBindings that reference any ServiceAccount from the namespace
  • all subjects that are referenced by RoleBindings in the namespace (*rback already does this)
  • all ClusterRoles that are referenced by RoleBindings in the namespace (*rback already does this)

luksa avatar Jun 02 '19 09:06 luksa