René's URL Explorer Experiment

Title: Authorize actions in clusters using role-based access control | GKE security | Google Cloud Documentation

Open Graph Title: Authorize actions in clusters using role-based access control | GKE security | Google Cloud Documentation

Description: Authorize actions in clusters using role-based access control (RBAC) in Kubernetes.

Open Graph Description: Authorize actions in clusters using role-based access control (RBAC) in Kubernetes.

Opengraph URL: https://docs.cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control

direct link

Domain: cloud.google.com

Hey, it has json ld scripts:

  {
    "@context": "https://schema.org",
    "@type": "Article",
    
    "headline": "Authorize actions in clusters using role-based access control"
  }

  {
    "@context": "https://schema.org",
    "@type": "BreadcrumbList",
    "itemListElement": [{
      "@type": "ListItem",
      "position": 1,
      "name": "Google Kubernetes Engine (GKE)",
      "item": "https://docs.cloud.google.com/kubernetes-engine/docs"
    },{
      "@type": "ListItem",
      "position": 2,
      "name": "GKE security",
      "item": "https://docs.cloud.google.com/kubernetes-engine/docs/concepts/security-overview"
    },{
      "@type": "ListItem",
      "position": 3,
      "name": "Authorize actions in clusters using role-based access control",
      "item": "https://docs.cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control"
    }]
  }

google-signin-client-id	721724668570-nbkv1cfusk7kk4eni4pjvepaus73b13t.apps.googleusercontent.com
google-signin-scope	profile email https://www.googleapis.com/auth/developerprofiles https://www.googleapis.com/auth/developerprofiles.award https://www.googleapis.com/auth/devprofiles.full_control.firstparty
og:site_name	Google Cloud Documentation
og:type	website
theme-color	#1a73e8
None	IE=Edge
og:image	https://docs.cloud.google.com/_static/cloud/images/social-icon-google-cloud-1200-630.png
og:image:width	1200
og:image:height	630
og:locale	en
twitter:card	summary_large_image

Links:

Skip to main content	https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control#main-content
	https://cloud.google.com/
Technology areas	https://docs.cloud.google.com/docs
AI and ML	https://docs.cloud.google.com/docs/ai-ml
Application development	https://docs.cloud.google.com/docs/application-development
Application hosting	https://docs.cloud.google.com/docs/application-hosting
Compute	https://docs.cloud.google.com/docs/compute-area
Data analytics and pipelines	https://docs.cloud.google.com/docs/data
Databases	https://docs.cloud.google.com/docs/databases
Distributed, hybrid, and multicloud	https://docs.cloud.google.com/docs/dhm-cloud
Industry solutions	https://docs.cloud.google.com/docs/industry
Migration	https://docs.cloud.google.com/docs/migration
Networking	https://docs.cloud.google.com/docs/networking
Observability and monitoring	https://docs.cloud.google.com/docs/observability
Security	https://docs.cloud.google.com/docs/security
Storage	https://docs.cloud.google.com/docs/storage
Cross-product tools	https://docs.cloud.google.com/docs/cross-product-overviews
Access and resources management	https://docs.cloud.google.com/docs/access-resources
Costs and usage management	https://docs.cloud.google.com/docs/costs-usage
Infrastructure as code	https://docs.cloud.google.com/docs/iac
SDK, languages, frameworks, and tools	https://docs.cloud.google.com/docs/devtools
Console	https://console.cloud.google.com/
	https://docs.cloud.google.com/kubernetes-engine/docs/concepts/security-overview
Google Kubernetes Engine (GKE)	https://docs.cloud.google.com/kubernetes-engine/docs
GKE security	https://docs.cloud.google.com/kubernetes-engine/docs/concepts/security-overview
Start free	https://console.cloud.google.com/freetrial
Overview	https://docs.cloud.google.com/kubernetes-engine/docs
Guides	https://docs.cloud.google.com/kubernetes-engine/docs/concepts/security-overview
	https://cloud.google.com/
Technology areas	https://cloud.google.com/docs
Overview	https://cloud.google.com/kubernetes-engine/docs
Guides	https://cloud.google.com/kubernetes-engine/docs/concepts/security-overview
Cross-product tools	https://cloud.google.com/docs/cross-product-overviews
Console	https://console.cloud.google.com/
GKE security overview	https://cloud.google.com/kubernetes-engine/docs/concepts/security-overview
Overview	https://cloud.google.com/kubernetes-engine/security/explore-gke-docs
Main GKE documentation	https://cloud.google.com/kubernetes-engine/docs/concepts/kubernetes-engine-overview
GKE AI/ML documentation	https://cloud.google.com/kubernetes-engine/docs/concepts/machine-learning
GKE networking documentation	https://cloud.google.com/kubernetes-engine/docs/concepts/explore-gke-networking-docs-use-cases
GKE security documentation	https://cloud.google.com/kubernetes-engine/docs/concepts/security-overview
GKE fleet management documentation	https://cloud.google.com/kubernetes-engine/fleet-management/docs
Security measures in GKE Autopilot	https://cloud.google.com/kubernetes-engine/docs/concepts/autopilot-security
About cluster trust	https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-trust
Shared security responsibilities	https://cloud.google.com/kubernetes-engine/docs/concepts/shared-responsibility
Authenticate to the GKE API	https://cloud.google.com/kubernetes-engine/docs/authentication
Authenticate to the Kubernetes API server	https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication
Use external identity providers to authenticate to GKE clusters	https://cloud.google.com/kubernetes-engine/docs/how-to/oidc
About service accounts in GKE	https://cloud.google.com/kubernetes-engine/docs/how-to/service-accounts
Configure GKE node service accounts	https://cloud.google.com/kubernetes-engine/security/configure-node-service-accounts
About RBAC and IAM	https://cloud.google.com/kubernetes-engine/docs/concepts/access-control
Best practices for RBAC	https://cloud.google.com/kubernetes-engine/docs/best-practices/rbac
Authorize access to Google Cloud resources using IAM policies	https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Authorize actions in clusters using GKE RBAC	https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control
Manage permissions for groups using Google Groups with RBAC	https://cloud.google.com/kubernetes-engine/docs/how-to/google-groups-rbac
Enable access and view cluster resources by namespace	https://cloud.google.com/kubernetes-engine/docs/how-to/restrict-resources-access-by-namespace
Access scopes in GKE	https://cloud.google.com/kubernetes-engine/docs/how-to/access-scopes
About Workload Identity Federation for GKE	https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity
Authenticate to Google Cloud APIs from GKE	https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity
Access secrets stored outside GKE clusters using client libraries	https://cloud.google.com/kubernetes-engine/docs/tutorials/workload-identity-secrets
Access private registries with private CA certificates	https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates
Harden your clusters	https://cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster
Security patching	https://cloud.google.com/kubernetes-engine/docs/resources/security-patching
Mitigate security incidents	https://cloud.google.com/kubernetes-engine/docs/how-to/security-mitigations
Disable the insecure kubelet read-only port	https://cloud.google.com/kubernetes-engine/docs/how-to/disable-kubelet-readonly-port
Run VM agents on every GKE node	https://cloud.google.com/kubernetes-engine/docs/how-to/enforce-vm-agents
Manage node SSH access without using SSH keys	https://cloud.google.com/kubernetes-engine/docs/how-to/enable-oslogin
Securely load modules on nodes running COS	https://cloud.google.com/kubernetes-engine/security/secure-modules-cos
About GKE Sandbox	https://cloud.google.com/kubernetes-engine/docs/concepts/sandbox-pods
Isolate your workloads using GKE Sandbox	https://cloud.google.com/kubernetes-engine/docs/how-to/sandbox-pods
Isolate your workloads in dedicated node pools	https://cloud.google.com/kubernetes-engine/docs/how-to/isolate-workloads-dedicated-nodes
About seccomp in GKE	https://cloud.google.com/kubernetes-engine/docs/concepts/seccomp-in-gke
Isolate your workloads using sole-tenant nodes	https://cloud.google.com/kubernetes-engine/docs/how-to/sole-tenancy
Configure workload separation in GKE	https://cloud.google.com/kubernetes-engine/docs/how-to/workload-separation
Rotate your cluster's credentials	https://cloud.google.com/kubernetes-engine/docs/how-to/credential-rotation
Rotate your control plane IP addresses	https://cloud.google.com/kubernetes-engine/docs/how-to/ip-rotation
About FIPS-validated encryption in GKE	https://cloud.google.com/kubernetes-engine/docs/concepts/gke-fips-compliance
Encrypt your data in-use with GKE Confidential Nodes	https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes
Encrypt your data in-transit in GKE with user-managed encryption keys	https://cloud.google.com/kubernetes-engine/docs/how-to/enable-inter-node-transparent-encryption
Encrypt data at rest with keys that you manage	https://cloud.google.com/kubernetes-engine/docs/how-to/using-cmek
Encrypt Secrets at the application layer	https://cloud.google.com/kubernetes-engine/docs/how-to/encrypting-secrets
vTPM in Confidential GKE workloads	https://cloud.google.com/kubernetes-engine/docs/how-to/vtpms
Apply predefined Pod-level security policies using PodSecurity	https://cloud.google.com/kubernetes-engine/docs/how-to/podsecurityadmission
Apply custom Pod-level security policies using Gatekeeper	https://cloud.google.com/kubernetes-engine/docs/how-to/pod-security-policies-with-gatekeeper
Restrict actions on GKE resources using custom organization policies	https://cloud.google.com/kubernetes-engine/docs/how-to/custom-org-policies
Selectively enforce firewall policies in GKE	https://cloud.google.com/kubernetes-engine/docs/how-to/tags-firewall-policies
Use network tags to apply firewall rules to nodes	https://cloud.google.com/kubernetes-engine/docs/how-to/autopilot-network-tags
About control plane security	https://cloud.google.com/kubernetes-engine/docs/concepts/control-plane-security
About cluster trust	https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-trust
About control plane authority	https://cloud.google.com/kubernetes-engine/docs/concepts/about-control-plane-authority
Run your own certificate authorities and keys in GKE	https://cloud.google.com/kubernetes-engine/docs/tutorials/run-your-own-cas-keys
Encrypt etcd and control plane boot disks	https://cloud.google.com/kubernetes-engine/docs/how-to/encrypt-etcd-control-plane-disks
Rotate customer-managed control plane CAs and keys	https://cloud.google.com/kubernetes-engine/docs/how-to/rotate-control-plane-cas-keys
Rotate etcd and control plane boot disk encryption keys	https://cloud.google.com/kubernetes-engine/docs/how-to/rotate-etcd-kcp-encryption-keys
Verify Google connections to the GKE control plane	https://cloud.google.com/kubernetes-engine/docs/how-to/verify-google-connections-control-plane
Verify identity issuance and usage	https://cloud.google.com/kubernetes-engine/docs/how-to/verify-identity-issuance-usage
Verify GKE control plane VM integrity	https://cloud.google.com/kubernetes-engine/docs/how-to/verify-control-plane-vm-integrity
Audit logging for Kubernetes	https://cloud.google.com/kubernetes-engine/docs/how-to/audit-logging
Audit logging for Kubernetes Engine	https://cloud.google.com/kubernetes-engine/docs/how-to/audit-logging-container
Audit logging for Container Security API	https://cloud.google.com/kubernetes-engine/docs/how-to/audit-logging-container-security
About audit policy	https://cloud.google.com/kubernetes-engine/docs/concepts/audit-policy
Enable Linux auditd logging in Standard clusters	https://cloud.google.com/kubernetes-engine/docs/how-to/linux-auditd-logging
About the security posture dashboard	https://cloud.google.com/kubernetes-engine/docs/concepts/about-security-posture-dashboard
About Kubernetes security posture scanning	https://cloud.google.com/kubernetes-engine/docs/concepts/about-configuration-scanning
Scan workloads for configuration issues	https://cloud.google.com/kubernetes-engine/docs/how-to/protect-workload-configuration
About workload vulnerability scanning	https://cloud.google.com/kubernetes-engine/docs/concepts/about-workload-vulnerability-scanning
Scan containers for known vulnerabilities	https://cloud.google.com/kubernetes-engine/docs/how-to/security-posture-vulnerability-scanning
Configure GKE security posture features for fleets	https://cloud.google.com/kubernetes-engine/docs/how-to/fleet-security-posture
Authentication	https://cloud.google.com/kubernetes-engine/docs/troubleshooting/authentication
Service accounts	https://cloud.google.com/kubernetes-engine/docs/troubleshooting/service-accounts
Application-layer secrets encryption	https://cloud.google.com/kubernetes-engine/docs/troubleshooting/troubleshoot-secrets
CRDs with an invalid CA bundle	https://cloud.google.com/kubernetes-engine/docs/how-to/crd-with-invalid-caBundle
AI and ML	https://cloud.google.com/docs/ai-ml
Application development	https://cloud.google.com/docs/application-development
Application hosting	https://cloud.google.com/docs/application-hosting
Compute	https://cloud.google.com/docs/compute-area
Data analytics and pipelines	https://cloud.google.com/docs/data
Databases	https://cloud.google.com/docs/databases
Distributed, hybrid, and multicloud	https://cloud.google.com/docs/dhm-cloud
Industry solutions	https://cloud.google.com/docs/industry
Migration	https://cloud.google.com/docs/migration
Networking	https://cloud.google.com/docs/networking
Observability and monitoring	https://cloud.google.com/docs/observability
Security	https://cloud.google.com/docs/security
Storage	https://cloud.google.com/docs/storage
Access and resources management	https://cloud.google.com/docs/access-resources
Costs and usage management	https://cloud.google.com/docs/costs-usage
Infrastructure as code	https://cloud.google.com/docs/iac
SDK, languages, frameworks, and tools	https://cloud.google.com/docs/devtools
Home	https://docs.cloud.google.com/
Documentation	https://docs.cloud.google.com/docs
Application hosting	https://docs.cloud.google.com/docs/application-hosting
Google Kubernetes Engine (GKE)	https://docs.cloud.google.com/kubernetes-engine/docs
GKE security	https://docs.cloud.google.com/kubernetes-engine/docs/concepts/security-overview
Autopilot	https://cloud.google.com/kubernetes-engine/docs/concepts/autopilot-overview
Standard	https://cloud.google.com/kubernetes-engine/docs/concepts/choose-cluster-mode
Common GKE user roles and tasks	https://cloud.google.com/kubernetes-engine/enterprise/docs/concepts/roles-tasks
Overview of Kubernetes RBAC	https://kubernetes.io/docs/reference/access-authn-authz/rbac/
Best practices for GKE RBAC	https://cloud.google.com/kubernetes-engine/docs/best-practices/rbac
Enable Google Kubernetes Engine API	https://console.cloud.google.com/flows/enableapi?apiid=container.googleapis.com
install	https://cloud.google.com/sdk/docs/install
initialize	https://cloud.google.com/sdk/docs/initializing
property	https://cloud.google.com/sdk/docs/properties#setting_properties
Identity and Access Management (IAM)	https://cloud.google.com/kubernetes-engine/docs/how-to/iam
configure the kubectl command to authenticate to Google Cloud	https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl
Cluster access for kubectl	https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl#authentication
Role	https://kubernetes.io/docs/reference/kubernetes-api/authorization-resources/role-v1/
ClusterRole	https://kubernetes.io/docs/reference/kubernetes-api/authorization-resources/cluster-role-v1/
cluster-admin IAM role	https://cloud.google.com/iam/docs/roles-permissions/container
Configure Google Groups for RBAC	https://cloud.google.com/kubernetes-engine/docs/how-to/google-groups-rbac
pod-reader Role	https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control#role
Identity and Access Management (IAM)	https://cloud.google.com/kubernetes-engine/docs/how-to/iam
Verifying API Access	https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access
Using Role-Based Access Control Authorization	https://kubernetes.io/docs/reference/access-authn-authz/rbac/
Admin activity audit log	https://cloud.google.com/kubernetes-engine/docs/how-to/audit-logging
default ClusterRoles and ClusterRoleBindings	https://kubernetes.io/docs/reference/access-authn-authz/rbac/#discovery-roles
CustomResourceDefinitions	https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/#customresourcedefinitions
configure Google Groups for RBAC	https://cloud.google.com/kubernetes-engine/docs/how-to/google-groups-rbac
create IAM allow policies	https://cloud.google.com/kubernetes-engine/docs/how-to/iam
access control	https://cloud.google.com/kubernetes-engine/docs/concepts/access-control
best practices for GKE RBAC	https://cloud.google.com/kubernetes-engine/docs/best-practices/rbac
authenticate to the Kubernetes API server	https://cloud.google.com/kubernetes-engine/docs/how-to/api-server-authentication
Creative Commons Attribution 4.0 License	https://creativecommons.org/licenses/by/4.0/
Apache 2.0 License	https://www.apache.org/licenses/LICENSE-2.0
Google Developers Site Policies	https://developers.google.com/site-policies
See all products	https://cloud.google.com/products/
Google Cloud pricing	https://cloud.google.com/pricing/
Google Cloud Marketplace	https://cloud.google.com/marketplace/
Contact sales	https://cloud.google.com/contact/
Community forums	https://discuss.google.dev/c/google-cloud/14/
Support	https://cloud.google.com/support-hub/
Release Notes	https://docs.cloud.google.com/release-notes
System status	https://status.cloud.google.com
GitHub	https://github.com/googlecloudPlatform/
Getting Started with Google Cloud	https://cloud.google.com/docs/get-started/
Code samples	https://cloud.google.com/docs/samples
Cloud Architecture Center	https://cloud.google.com/architecture/
Training and Certification	https://cloud.google.com/learn/training/
Blog	https://cloud.google.com/blog/
Events	https://cloud.google.com/events/
X (Twitter)	https://x.com/googlecloud
Google Cloud on YouTube	https://www.youtube.com/googlecloud
Google Cloud Tech on YouTube	https://www.youtube.com/googlecloudplatform
About Google	https://about.google/
Privacy	https://policies.google.com/privacy
Site terms	https://policies.google.com/terms?hl=en
Google Cloud terms	https://cloud.google.com/product-terms
Manage cookies	https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control
Our third decade of climate action: join us	https://cloud.google.com/sustainability
Subscribe	https://cloud.google.com/newsletter/

Viewport: width=device-width, initial-scale=1

URLs of crawlers that visited me.