ClusterRoleBinding references a ClusterRole, but not contain it. It can reference any ClusterRole in the same namespace or in the global namespace. It adds who information via (users and Groups) OR Subjects and namespace information by which namespace it exists in. ClusterRoleBindings in a given namespace only have effect in that namespace (excepting the master namespace which has power in all namespaces).
object
ClusterRole is a logical grouping of PolicyRules that can be referenced as a unit by ClusterRoleBindings.
object
LocalResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec in a particular namespace
object
LocalSubjectAccessReview is an object for requesting information about whether a user or group can perform an action in a particular namespace
object
ResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec
object
RoleBindingRestriction is an object that can be matched against a subject (user, group, or service account) to determine whether rolebindings on that subject are allowed in the namespace to which the RoleBindingRestriction belongs. If any one of those RoleBindingRestriction objects matches a subject, rolebindings on that subject in the namespace are allowed.
object
RoleBinding references a Role, but not contain it. It can reference any Role in the same namespace or in the global namespace. It adds who information via (users and Groups) OR Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace (excepting the master namespace which has power in all namespaces).
object
Role is a logical grouping of PolicyRules that can be referenced as a unit by RoleBindings.
object
SelfSubjectRulesReview is a resource you can create to determine which actions you can perform in a namespace
object