From c1f4c5c4a2802dab33cf4ee605298d96bafdaaf4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9C=B1=E6=AD=A3=E6=B5=A9=2CZhu=20Zhenghao?= Date: Wed, 5 Apr 2023 22:36:28 +0800 Subject: [PATCH] Cleanup page rbac --- content/en/docs/reference/access-authn-authz/rbac.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/content/en/docs/reference/access-authn-authz/rbac.md b/content/en/docs/reference/access-authn-authz/rbac.md index a5bb85f5029..06d84c8e06f 100644 --- a/content/en/docs/reference/access-authn-authz/rbac.md +++ b/content/en/docs/reference/access-authn-authz/rbac.md @@ -929,8 +929,8 @@ to a role that grants that permission. To allow a user to create/update role bin 1. Grant them a role that allows them to create/update RoleBinding or ClusterRoleBinding objects, as desired. 2. Grant them permissions needed to bind a particular role: - * implicitly, by giving them the permissions contained in the role. - * explicitly, by giving them permission to perform the `bind` verb on the particular Role (or ClusterRole). + * implicitly, by giving them the permissions contained in the role. + * explicitly, by giving them permission to perform the `bind` verb on the particular Role (or ClusterRole). For example, this ClusterRole and RoleBinding would allow `user-1` to grant other users the `admin`, `edit`, and `view` roles in the namespace `user-1-namespace`: @@ -1105,7 +1105,7 @@ Examples: * Test applying a manifest file of RBAC objects, displaying changes that would be made: - ``` + ```shell kubectl auth reconcile -f my-rbac-rules.yaml --dry-run=client ``` @@ -1260,7 +1260,7 @@ Here are two approaches for managing this transition: Run both the RBAC and ABAC authorizers, and specify a policy file that contains the [legacy ABAC policy](/docs/reference/access-authn-authz/abac/#policy-file-format): -``` +```shell --authorization-mode=...,RBAC,ABAC --authorization-policy-file=mypolicy.json ```