How to determine which username and group I have in a cluster using kubectl
Authentication section of k8s documentation is talking about:
When enabled, requests that are not rejected by other configured authentication methods are treated as anonymous requests, and given a username of system:anonymous and a group of system:unauthenticated.
since there are different ways to identify myself when interacting with the API, it's not always clear how it recognised me - I mean as which username and which group it thinks I belong to. Is there any way to see that via kubectl?
Comments
-
Thank you @serewicz. Yes, I understand that there is no session as such, but when I have started to use kubectl from one machine, provided that the environment in which it is running remains stable, I will be consistently recognised as the same user having the same groups. Just wanted to understand how a troubleshooting workflow would look like if I'm expecting that I'm user X with one set of groups, but in fact I'm being recognised as user Y with another set of groups. Due to the fact that user identity can be taken from many different places, user may expect that it's taken from, say, config file, but there is an environment variable that he is not aware of which instructs kubectl to use some other identity.
Checked your suggestion with auditing and indeed, this information is shown. So it provides some way of doing this.
0
Categories
- All Categories
- 176 LFX Mentorship
- 176 LFX Mentorship: Linux Kernel
- 750 Linux Foundation IT Professional Programs
- 373 Cloud Engineer IT Professional Program
- 169 Advanced Cloud Engineer IT Professional Program
- 74 DevOps IT Professional Program - Discontinued
- 4 DevOps & GitOps IT Professional Program
- 99 Cloud Native Developer IT Professional Program
- 7.6K Training Courses & Learning Paths
- 1 AI & ML Training
- 1 Blockchain & Decentralized Identity Training
- 3 Cloud & Containers Training
- 1 Cybersecurity Training
- 1 DevOps & Site-Reliability Training
- 1 Linux Kernel Development Training
- 1 Networking Training
- 1 Open Source Best Practice Training
- 1 System Administration Training
- 1 System Engineering Training
- 1 Web & Application Development Training
- 792 Hardware
- 202 Drivers
- 68 I/O Devices
- 37 Monitors
- 95 Multimedia
- 173 Networking
- 91 Printers & Scanners
- 87 Storage
- 768 Linux Distributions
- 81 Debian
- 67 Fedora
- 22 Linux Mint
- 13 Mageia
- 24 openSUSE
- 150 Red Hat Enterprise
- 31 Slackware
- 13 SUSE Enterprise
- 356 Ubuntu
- 465 Linux System Administration
- 31 Cloud Computing
- 73 Command Line/Scripting
- Github systems admin projects
- 98 Linux Security
- 78 Network Management
- 101 System Management
- 46 Web Management
- 106 Mobile Computing
- 18 Android
- 73 Development
- 1.2K New to Linux
- 1K Getting Started with Linux
- 392 Off Topic
- 121 Introductions
- 181 Small Talk
- 29 Study Material
- 949 Programming and Development
- 310 Kernel Development
- 621 Software Development
- 982 Software
- 374 Applications
- 182 Command Line
- 5 Compiling/Installing
- 68 Games
- 317 Installation
- Archived
- 2 LFD140 Class Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)