Azure AKS - Create Role Definition in Azure AKS
The Azure AKS account created in the previous chapter needs to be governed by roles. These roles are defined in a YAML file and deployed in your Kubernetes cluster.
Azure AKS - Create Manifest File for Role Definition
To define the roles required by the Azure AKS account, you need to create a YAML file. The file role.yaml, with its contents, is shown below:
Note: The parameters required to create this YAML file, ready to be deployed, are explained in the Properties section.
```yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  creationTimestamp: null
  name: ncache-operator
rules:
- apiGroups:
  - ""
  resources:
  - pods
  - services
  - endpoints
  - persistentvolumeclaims
  - events
  - configmaps
  - secrets
  verbs:
  - '*'
- apiGroups:
  - apps
  resources:
  - deployments
  - daemonsets
  - replicasets
  - statefulsets
  verbs:
  - '*'
- apiGroups:
  - monitoring.coreos.com
  resources:
  - servicemonitors
  verbs:
  - get
  - create
- apiGroups:
  - apps
  resourceNames:
  - ncache-operator
  resources:
  - deployments/finalizers
  verbs:
  - update
- apiGroups:
  - alachisoft.ncache
  resources:
  - '*'
  - ncaches
  verbs:
  - '*'
```
Create Role Definition in Kubernetes Cluster
Executing the following kubectl command will ensure that the role.yaml file gets deployed within the Azure AKS cluster.

```
kubectl create -f [dir]/role.yaml
```
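Before binding this role to a service account, it is worth listing which of its rules grant wildcard access. The following is an added example, not part of the NCache documentation: `audit_role`, `READ_VERBS`, `SENSITIVE` and the finding names are assumptions of this sketch, and the sample input is the role.yaml above re-typed as JSON.

```python
import json

# Constructed input: the five rules of role.yaml above, in the JSON shape
# returned by `kubectl get role ncache-operator -o json`.
SAMPLE_ROLE = json.loads("""
{"kind": "Role", "metadata": {"name": "ncache-operator"}, "rules": [
 {"apiGroups": [""], "verbs": ["*"], "resources": ["pods", "services",
   "endpoints", "persistentvolumeclaims", "events", "configmaps", "secrets"]},
 {"apiGroups": ["apps"], "verbs": ["*"], "resources": ["deployments",
   "daemonsets", "replicasets", "statefulsets"]},
 {"apiGroups": ["monitoring.coreos.com"], "verbs": ["get", "create"],
   "resources": ["servicemonitors"]},
 {"apiGroups": ["apps"], "verbs": ["update"],
   "resourceNames": ["ncache-operator"], "resources": ["deployments/finalizers"]},
 {"apiGroups": ["alachisoft.ncache"], "verbs": ["*"], "resources": ["*", "ncaches"]}
]}
""")

READ_VERBS = {"*", "get", "list", "watch"}
SENSITIVE = {"secrets"}  # assumption: what this review treats as sensitive


def audit_role(role):
    """Return (rule_index, finding) pairs for the broad grants in a Role."""
    findings = []
    for i, rule in enumerate(role.get("rules", [])):
        verbs = set(rule.get("verbs", []))
        resources = set(rule.get("resources", []))
        # A rule pinned to named objects is far narrower than one that is not.
        scoped = bool(rule.get("resourceNames"))
        if "*" in verbs and not scoped:
            findings.append((i, "wildcard-verbs"))
        if "*" in resources:
            findings.append((i, "wildcard-resources"))
        if resources & SENSITIVE and verbs & READ_VERBS and not scoped:
            findings.append((i, "secrets-readable"))
    return findings


if __name__ == "__main__":
    for index, finding in audit_role(SAMPLE_ROLE):
        rule = SAMPLE_ROLE["rules"][index]
        print(f"rule {index} {rule['apiGroups']}: {finding}")
```

Against a live cluster, pass the parsed output of `kubectl get role ncache-operator -o json` to `audit_role` instead of the sample.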
Properties
The properties required to create a role in Kubernetes are explained below:
Parameter | Description |
---|---|
kind | This can be of many different types like a Deployment, a Service, DaemonSet, or StatefulSet. In this case, it will be a Role. |
apiVersion | Specifies the version of the kind and it depends on the underlying version of Kubernetes. |
name | Specifies the name of the Operator you will deploy that needs access to the service account. |
rules | Specifies the set of rules required for deployment of the role. |
apiGroups | Specifies the name and details of all or some API groups. |
The next step is to bind these roles to the service account; the steps are explained in the next chapter.
See Also
Create Role Binding in Kubernetes
Create NCache Operator in Kubernetes
Create Custom Resource in Kubernetes