kyma alpha authorize group

Authorizes a group with Kyma RBAC resources.

Synopsis

Create a RoleBinding or ClusterRoleBinding that grants access to a Kyma role or cluster role for a group.

bash

kyma alpha authorize group [flags]

Examples

bash

  # Bind a group cluster-wide to a ClusterRole (ClusterRoleBinding)
  kyma alpha authorize group --name team-observability --clusterrole kyma-read-all --cluster-wide

  # Bind a group to a namespaced Role (RoleBinding)
  kyma alpha authorize group --name developers --role edit --namespace dev

  # Generate JSON for a cluster-wide binding
  kyma alpha authorize group --name ops-team --clusterrole cluster-admin --cluster-wide -o json
  
  # Preview (dry-run) the YAML for a RoleBinding without applying
  kyma alpha authorize group --name ops-team --role edit --namespace dev --dry-run -o yaml

Flags

text

      --binding-name string     Custom name for the RoleBinding or ClusterRoleBinding. If not specified, a name is auto-generated based on the role and subject
      --cluster-wide            Creates a ClusterRoleBinding for cluster-wide access (requires --clusterrole)
      --clusterrole string      ClusterRole name to bind (for ClusterRoleBinding with --cluster-wide, or RoleBinding in namespace)
      --dry-run                 Previews the YAML/JSON output without applying resources to the cluster
      --force                   Forces application of the binding, overwriting if it already exists
      --name stringSlice        Name(s) of the subject(s) to authorize (required) (default "[]")
      --namespace string        Namespace for RoleBinding (required when binding a Role or binding a ClusterRole to a specific namespace)
  -o, --output string           Output format for dry-run (yaml or json)
      --role string             Role name to bind (creates RoleBinding in specified namespace)
      --context string          The name of the kubeconfig context to use
  -h, --help                    Help for the command
      --kubeconfig string       Path to the Kyma kubeconfig file
      --show-extensions-error   Prints a possible error when fetching extensions fails
      --skip-extensions         Skips fetching extensions from the target Kyma environment

Istio Service Mesh

Tutorials

Technical Reference

Troubleshooting

Tutorials

Mutual TLS Authentication

Security

Custom Resources

APIGateway Custom Resource

APIRule Custom Resource

APIRule Migration

Technical Reference

Troubleshooting Guides

Working with Multiple Subaccounts

Resources

Tutorials

Troubleshooting

Technical Reference

Runtime Agent

Tutorials

Resources

Tutorials

Register a Service

VPC Peering

Resources

Tutorials

Tutorials

Resources

Troubleshooting for the Eventing Module

Resources

Troubleshooting

Tutorials

Resources

Technical Reference

Troubleshooting Guides

Collecting Logs

Collecting Traces

Collecting Metrics

Filtering and Processing Data

Transform and Filter with OTTL

Integrate with your OTLP Backend

Architecture

Integration Guides

Resources

Tutorials

Resources

Technical Reference

Tutorials

Commands

kyma alpha authorize group ​

Synopsis ​

Examples ​

Flags ​

See also ​

kyma alpha authorize group

Synopsis

Examples

Flags

See also