Is there a way to see RBAC events for GKE clusters?

Time:06-02

I have a GKE cluster that uses a mix of Cloud IAM and cluster RBAC rules for resource access. For granularity, we use RBAC bindings for certain resources on the cluster, but I'm unable to find a place where those events are logged.

How do I see the logs for when cluster RBAC denies a user the permissions to do something? I can only see IAM related logs in Cloud Logging's audit logs. I'd like to know when the cluster itself denies access.

CodePudding user response:

You can check the Kube API logs:

kubectl proxy &
curl -s http://localhost:8001/logs/kube-apiserver.log

For GKE logs, see: https://cloud.google.com/kubernetes-engine/docs/how-to/audit-logging#viewing_logs

CodePudding user response:

You can find the GCP events in the GKE audit logs as described here.

The RBAC related events can be obtained from the kubeapi server as described here.
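
An added example, not part of either answer above: one way to pull denied cluster API requests out of GKE audit log entries exported as JSON from Cloud Logging. It assumes the entries follow the Cloud Audit Logs layout (resource.type "k8s_cluster", protoPayload.authorizationInfo, protoPayload.status.code); the function name and the sample entries are constructed for illustration.

```python
import json

PERMISSION_DENIED = 7  # google.rpc.Code value carried in protoPayload.status.code

# Constructed sample entries (not real logs), trimmed to the fields used below.
SAMPLE_ENTRIES = json.loads("""
[
 {"timestamp": "2024-01-01T10:00:00Z", "resource": {"type": "k8s_cluster"},
  "protoPayload": {"methodName": "io.k8s.core.v1.secrets.list",
   "resourceName": "core/v1/namespaces/prod/secrets",
   "authenticationInfo": {"principalEmail": "alice@example.com"},
   "authorizationInfo": [{"permission": "io.k8s.core.v1.secrets.list",
                          "resource": "core/v1/namespaces/prod/secrets"}],
   "status": {"code": 7, "message": "Forbidden"}}},
 {"timestamp": "2024-01-01T10:01:00Z", "resource": {"type": "k8s_cluster"},
  "protoPayload": {"methodName": "io.k8s.core.v1.pods.list",
   "resourceName": "core/v1/namespaces/dev/pods",
   "authenticationInfo": {"principalEmail": "bob@example.com"},
   "authorizationInfo": [{"permission": "io.k8s.core.v1.pods.list",
                          "resource": "core/v1/namespaces/dev/pods", "granted": true}]}},
 {"timestamp": "2024-01-01T10:02:00Z", "resource": {"type": "gcs_bucket"},
  "protoPayload": {"methodName": "storage.objects.get",
   "authenticationInfo": {"principalEmail": "alice@example.com"},
   "authorizationInfo": [{"permission": "storage.objects.get"}],
   "status": {"code": 7}}}
]
""")


def denied_cluster_requests(entries):
    """Return (timestamp, principal, permission, resource) for denied cluster API calls."""
    found = []
    for entry in entries:
        if entry.get("resource", {}).get("type") != "k8s_cluster":
            continue  # denial on another service, not the cluster's API server
        payload = entry.get("protoPayload", {})
        status_denied = payload.get("status", {}).get("code") == PERMISSION_DENIED
        principal = payload.get("authenticationInfo", {}).get("principalEmail", "unknown")
        for auth in payload.get("authorizationInfo", []):
            # Assumption: the JSON export omits false booleans, so a missing
            # "granted" key is treated as a denial.
            if status_denied or not auth.get("granted", False):
                found.append((entry.get("timestamp"), principal,
                              auth.get("permission"), auth.get("resource")))
    return found


if __name__ == "__main__":
    for row in denied_cluster_requests(SAMPLE_ENTRIES):
        print(*row, sep="  ")
```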
