kanchana:
hi, i am in RBAC authorization section of security
sometimes when i edit the role like adding api groups as apps and extensions, i need to delete and recreate the role.
is that a perfect thing to do . please confirm.
Memo Toro:
HI @kanchana that is fine. If k8s complains about it, it could be the role is linked to a role binding, but I haven’t seen that to be honest. If that is the case, get the yaml description of the role binding and delete that also and then recreate all of them.
kanchana:
hi how do we get the yaml description of the deployed role
kanchana:
could you please help to get that
runlevl4:
Use -o yaml.
Memo Toro:
Hi @kanchana sorry for the late reply. As runlevl4 you could always get the yaml descriptor of any object as kubectl get OBJECT OBJECT_NAME -o yaml where object is the kubernetes object. It could be kubectl get rolebinding my-role-binding -o yaml
Mohamed Ayman:
That’s normal, not all the options can be edited directly using kubectl edit command but you will need to delete and recreate it as mentioned above.
kanchana:
ok thanks