search

ansible-collections / community.kubernetes

Kubernetes Collection for Ansible
https://galaxy.ansible.com/community/kubernetes
GNU General Public License v3.0
265 stars 106 forks source link

Add hint for `pod/exec` RBAC resource to `k8s_exec` #339

Closed stiller-leser closed 3 years ago

stiller-leser commented 3 years ago
SUMMARY

When working with limited RBAC rules and the k8s_exec module it would be very helpful to be aware of the requirement to add 

- apiGroups:
  - ""
  resources:
  - pods/exec
  verbs:
  - create
  - get

to the RBAC rule. I for one was not aware of the sub-resouces.

Happy to add it myself, but I am not sure how the documentation is generated.

ISSUE TYPE
COMPONENT NAME

community.kubernetes.k8s_exec

Akasurde commented 3 years ago

@stiller-leser Thanks for reporting this. Would you be interested in raising PR? thanks.

stiller-leser commented 3 years ago

Happy to add it myself, but I am not sure how the documentation is generated. ;)

Am I right to assume that I would only need do add something like this here: https://github.com/ansible-collections/community.kubernetes/blob/main/plugins/modules/k8s_exec.py#L32

rbac verbs required:
  - pods/exec resource
     - create
     - get