// Aula 29 - ClusterRoles
 
vim readonly.yaml 

# readonly.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: readonly
rules:
- apiGroups: ["*"]
  verbs: ["get", "list", "watch"]
  resources: ["*"]

# kubectl apply -f readonly.yaml

# kubectl get clusterrole

# vim cluster-operator.yaml

# cluster-operator.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: cluster-operator
rules:
- apiGroups: ["*"]
  verbs: ["*"]
  resources: ["*"]

# kubectl apply -f cluster-operator.yaml

# kubectl create clusterrole <nome> --verb=verb1,verb2 --resource=resource1,resource2