Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add documentation for system:monitoring rbac policy #22715

Merged
merged 1 commit into from
Oct 20, 2020
Merged

add documentation for system:monitoring rbac policy #22715

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 6 additions & 1 deletion content/en/docs/reference/access-authn-authz/rbac.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -801,7 +801,12 @@ This is commonly used by add-on API servers for unified authentication and autho
<td>None</td>
<td>Allows access to the resources required by most <a href="/docs/concepts/storage/persistent-volumes/#provisioner">dynamic volume provisioners</a>.</td>
</tr>
<tbody>
<tr>
<td><b>system:monitoring</b></td>
<td><b>system:monitoring</b> group</td>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should group appear in bold?

<b>group</b>

I think the <tt> element is deprecated?
For code or endpoints, you can use backticks:
/healthz

The table data content could be formatted as:

Allows read access to control-plane monitoring endpoints such as the {{< glossary_tooltip term_id="kube-apiserver" text="kube-apiserver" >}} liveness and readiness endpoints (/healthz, /livez, /readyz), the individual health-check endpoints (/healthz/*, /livez/*, /readyz/*), and /metrics. Note that individual health check endpoints and the metric endpoint may expose sensitive information.

Copy link
Contributor

@annajung annajung Oct 20, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @kbhawkey, using backticks resulted in the following (#22715 (comment)) so I suggested to change to < tt >. It doesn't seem to be deprecated as the page renders as expected (https://5f7f97dbc52f3c00071d9bee--kubernetes-io-vnext-staging.netlify.app/docs/reference/access-authn-authz/rbac/). PTAL when you can, thank you!

@logicalhan pinging to review Karen's suggestions! :D

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK, the HTML table looks good.
/lgtm

<td>Allows read access to control-plane monitoring endpoints (i.e. {{< glossary_tooltip term_id="kube-apiserver" text="kube-apiserver" >}} liveness and readiness endpoints (<tt>/healthz</tt>, <tt>/livez</tt>, <tt>/readyz</tt>), the individual health-check endpoints (<tt>/healthz/*</tt>, <tt>/livez/*</tt>, <tt>/readyz/*</tt>), and <tt>/metrics</tt>). Note that individual health check endpoints and the metric endpoint may expose sensitive information.</td>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: we prefer to avoid Latin abbreviations (”i.e.” and similar)

</tr>
</tbody>
</table>

### Roles for built-in controllers {#controller-roles}
Expand Down