How can I define that only configmap and secret are forbidden to be obtained?

lizhifengones · November 8, 2021, 7:20am

Asking for help? Comment out what you need so we can get more information to help you!

now:

rules:
- apiGroups:
  - '*'
  resources:
  - '*'
  verbs:
  - get
  - list

I expect to use

- "!secrets"
- "!configmaps"

, but it doesn’t seem to take effect

Kubernetes version: 1.16
Cloud being used: (put bare-metal if not on a public cloud)
Installation method:
Host OS:
CNI and version:
CRI and version:

You can format your yaml by highlighting it and pressing Ctrl-Shift-C, it will make your output easier to read.

Topic	Replies	Views
Does anyone know this issue GKE forbidden io.k8s.core.v1.configmaps.list operation? General Discussions	331	February 16, 2022
RBAC Issue, General Discussions development	443	December 11, 2020
Any replacement to kubectl get deployment test -o yaml to extract raw yaml file without timestamp information? General Discussions	532	April 20, 2020
Strip down superuser General Discussions security	304	March 3, 2023
This is about the right to access to my pod with http: troubleshooting General Discussions	112	January 18, 2024