I am trying to write an RBAC role and need to list the resources I want this role to have access to.
The docs for writing an RBAC role use
pods/log as an example of a resource.
Without looking at the official example RBAC role, how would one know that
pods/log is something that I can add to my RBAC role? What command could I run that would return
pods/log (among other resource names)? What online documentation lists
pods/log (among others) as an option?
I ask because I cannot find a way for an administrator to actually find and list all of the available resources.
AWS, for example, provides this page that lists all of the S3-related permissions, such as
CreateBucket: Actions, resources, and condition keys for Amazon S3 - Service Authorization Reference
Is there equivalent documentation for k8s?