Read-only Access in Kubernetes

Configure read-only access to your Kubernetes cluster in DuploCloud

Configuring Read-only Access in Kubernetes

Complete the following steps to configure read-only access to a Kubernetes cluster.

Save the below content as a file name service-account-readonly-setup.yaml.

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: duplo-readonly-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: duplo-readonly-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: view
subjects:
- kind: ServiceAccount
  name: duplo-readonly-user
  namespace: kube-system
---
apiVersion: v1
kind: Secret
metadata:
  name: duplo-readonly-token
  namespace: kube-system
  annotations:
    kubernetes.io/service-account.name: duplo-readonly-user
type: kubernetes.io/service-account-token
---

Run kubectl apply -f service-account-readonly-setup.yaml. This will create a new service account with read-only permission.
Run kubectl -n kube-system describe secret duplo-readonly-token to fetch the token. This can be used in DuploCloud to import the cluster as a read-only infrastructure.

With the above token, EKS server URL, and certificate-authority-data, create a kubeconfig as follows. The server URL and certificate-authority-data are in the cloud console under the cluster settings. The DuploCloud service account can interact with the Kubernetes cluster with read-only permissions.

apiVersion: v1
kind: Config
clusters:
- name: eks-cluster
  cluster:
    server: <url>
    certificate-authority-data: <put the certificate auth data here>
contexts:
- name: eks-context
  context:
    cluster: eks-cluster
    user: duplo-readonly-user
current-context: eks-context
users:
- name: duplo-readonly-user
  user:
    token: <YOUR_BEARER_TOKEN>

PreviousKubectl Tokens and Access Management NextMirantis Lens

Last updated 1 year ago

Was this helpful?

hashtagConfiguring Read-only Access in Kubernetes

Configuring Read-only Access in Kubernetes