Ravi Shanker:
Does the verb watch in account role give access to view logs on a pod ? Any documents which provides description and list of resources which can be used for role.
unnivkn:
Good question Ravi… please try this.
unnivkn:
kind: Role
apiVersion: http://rbac.authorization.k8s.io/v1|rbac.authorization.k8s.io/v1
metadata:
namespace: log-namespace
name: display-logs
rules:
- apiGroups: [“”]
resources: [“pods”, “pods/log”, pods/portforward]
verbs: [“get”, “list”, “create”]
Ravi Shanker:
Is there a document which showed the option “pods/log” ?