Skip to content

Commit 23a13ec

Browse files
makocchi-gitmakocchi-git
committed
fix indent
1 parent 95ee55c commit 23a13ec

File tree

1 file changed

+25
-25
lines changed
  • content/en/docs/reference/access-authn-authz

1 file changed

+25
-25
lines changed

content/en/docs/reference/access-authn-authz/rbac.md

Lines changed: 25 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -1096,37 +1096,37 @@ In order from most secure to least secure, the approaches are:
10961096

10971097
2. Grant a role to the "default" service account in a namespace
10981098

1099-
If an application does not specify a `serviceAccountName`, it uses the "default" service account.
1099+
If an application does not specify a `serviceAccountName`, it uses the "default" service account.
11001100

1101-
{{< note >}}
1102-
Permissions given to the "default" service account are available to any pod
1103-
in the namespace that does not specify a `serviceAccountName`.
1104-
{{< /note >}}
1101+
{{< note >}}
1102+
Permissions given to the "default" service account are available to any pod
1103+
in the namespace that does not specify a `serviceAccountName`.
1104+
{{< /note >}}
11051105

1106-
For example, grant read-only permission within "my-namespace" to the "default" service account:
1106+
For example, grant read-only permission within "my-namespace" to the "default" service account:
11071107

1108-
```shell
1109-
kubectl create rolebinding default-view \
1110-
--clusterrole=view \
1111-
--serviceaccount=my-namespace:default \
1112-
--namespace=my-namespace
1113-
```
1108+
```shell
1109+
kubectl create rolebinding default-view \
1110+
--clusterrole=view \
1111+
--serviceaccount=my-namespace:default \
1112+
--namespace=my-namespace
1113+
```
11141114

1115-
Many [add-ons](/docs/concepts/cluster-administration/addons/) run as the
1116-
"default" service account in the `kube-system` namespace.
1117-
To allow those add-ons to run with super-user access, grant cluster-admin
1118-
permissions to the "default" service account in the `kube-system` namespace.
1115+
Many [add-ons](/docs/concepts/cluster-administration/addons/) run as the
1116+
"default" service account in the `kube-system` namespace.
1117+
To allow those add-ons to run with super-user access, grant cluster-admin
1118+
permissions to the "default" service account in the `kube-system` namespace.
11191119

1120-
{{< caution >}}
1121-
Enabling this means the `kube-system` namespace contains Secrets
1122-
that grant super-user access to your cluster's API.
1123-
{{< /caution >}}
1120+
{{< caution >}}
1121+
Enabling this means the `kube-system` namespace contains Secrets
1122+
that grant super-user access to your cluster's API.
1123+
{{< /caution >}}
11241124

1125-
```shell
1126-
kubectl create clusterrolebinding add-on-cluster-admin \
1127-
--clusterrole=cluster-admin \
1128-
--serviceaccount=kube-system:default
1129-
```
1125+
```shell
1126+
kubectl create clusterrolebinding add-on-cluster-admin \
1127+
--clusterrole=cluster-admin \
1128+
--serviceaccount=kube-system:default
1129+
```
11301130

11311131
3. Grant a role to all service accounts in a namespace
11321132

0 commit comments

Comments
 (0)