Name	Name	Last commit message	Last commit date
parent directory ..
README.md	README.md
namespaces.yaml	namespaces.yaml

Namespaces

Analyzed script: namespaces/ensure-namespaces.sh

Table of Content

Terraform resources
Variables used in Components
- [PROJECTS]
Components
Yaml representation of Components

Terraform resources

Provider: Kubernetes

Variables used in Components

`[PROJECTS]`

gcsweb
publishing-bot
k8s-io-prod
k8s-io-canary

Components

Components per [PROJECT]:
- Kubernetes Namespace:
  - [PROJECT]
- Kubernetes Role:
  - namespace-user:
    - namespace: [PROJECT]
    - rules:
      - "":
        
        resources:
        
        configmaps
        
        endpoints
        
        persistentvolumeclaims
        
        pods
        
        resourcequotas
        
        services
        
        verbs:
        
        *
      - "":
        
        resources:
        
        secrets
        
        verbs:
        
        list
      - "":
        
        resources:
        
        events
        
        verbs:
        
        get
        
        list
      - certmanager.k8s.io:
        
        resources:
        
        certificates
        
        verbs:
        
        *
      - coordination.k8s.io:
        
        resources:
        
        leases
        
        verbs:
        
        *
      - batch:
        
        resources:
        
        cronjobs
        
        jobs
        
        verbs:
        
        *
      - autoscaling:
        
        resources:
        
        horizontalpodautoscalers
        
        verbs:
        
        *
      - apps:
        
        resources:
        
        deployments
        
        verbs:
        
        *
      - extensions:
        
        resources:
        
        deployments
        
        ingresses
        
        networkpolicies
        
        verbs:
        
        *
      - networking.k8s.io:
        
        resources:
        
        networkpolicies
        
        verbs:
        
        *
      - storage.k8s.io:
        
        resources:
        
        storageclasses
        
        verbs:
        
        list
      - scheduling.k8s.io:
        
        resources:
        
        priorityclasses
        
        verbs:
        
        list
      - rbac.authorization.k8s.io:
        
        resources:
        
        clusterrolebindings
        
        clusterroles
        
        rolebindings
        
        roles
        
        verbs:
        
        get
        
        list
- Kubernetes Role Binding:
  - namespace-user:
    - namespace: [PROJECT]
    - subjects:
      - k8s-infra-rbac-[PROJECT]@kubernetes.io:
        
        kind: Group
    - role_ref:
      - name: namespace-user
      - kind: Role
      - api_group: rbac.authorization.k8s.io

Yaml representation of Components^G1

kubernetes_namespace:
  - [PROJECT]
kubernetes_role:
  - metadata:
      name: namespace-user
      namespace: [PROJECT]
    rules:
      - api_groups:
          - ""
        resources:
          - configmaps
          - endpoints
          - persistentvolumeclaims
          - pods
          - resourcequotas
          - services
        verbs:
          - "*"
      - api_groups:
          - ""
        resources:
          - secrets
        verbs:
          - list
      - api_groups:
          - ""
        resources:
          - events
        verbs:
          - get
          - list
      - api_groups:
          - certmanager.k8s.io
        resources:
          - certificates
        verbs:
          - "*"
      - api_groups:
          - coordination.k8s.io
        resources:
          - leases
        verbs:
          - "*"
      - api_groups:
          - batch
        resources:
          - cronjobs
          - jobs
        verbs:
          - "*"
      - api_groups:
          - autoscaling
        resources:
          - horizontalpodautoscalers
        verbs:
          - "*"
      - api_groups:
          - apps
        resources:
          - deployments
        verbs:
          - "*"
      - api_groups:
          - extensions
        resources:
          - deployments
          - ingresses
          - networkpolicies
        verbs:
          - "*"
      - api_groups:
          - networking.k8s.io
        resources:
          - networkpolicies
        verbs:
          - "*"
      - api_groups:
          - storage.k8s.io
        resources:
          - storageclasses
        verbs:
          - list
      - api_groups:
          - scheduling.k8s.io
        resources:
          - priorityclasses
        verbs:
          - list
      - api_groups:
          - rbac.authorization.k8s.io
        resources:
          - clusterrolebindings
          - clusterroles
          - rolebindings
          - roles
        verbs:
          - get
          - list
kubernetes_role_binding:
  - metadata:
    name: namespace-user
    namespace: [PROJECT]
    subjects:
      - name: k8s-infra-rbac-[PROJECT]@kubernetes.io
        kind: Group
    role_ref:
      name: namespace-user
      kind: Role
      api_group: rbac.authorization.k8s.io

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

namespaces

namespaces

README.md

Namespaces

Table of Content

Terraform resources

Variables used in Components

`[PROJECTS]`

Components

Yaml representation of Components^G1

Files

namespaces

Directory actions

More options

Directory actions

More options

Latest commit

History

namespaces

Folders and files

parent directory

README.md

Namespaces

Table of Content

Terraform resources

Variables used in Components

[PROJECTS]

Components

Yaml representation of ComponentsG1

`[PROJECTS]`

Yaml representation of Components^G1