Allow to combine multiple subject in the same command
agaudreault opened this issue · comments
Is your feature request related to a problem? Please describe.
We want to get a summary of the permission that can be done for a user. I am not sure if this is the goal of the project or if you are aware of another project that would fit more our needs.
It would be nice if we would be able to do something like kubectl rolesum -K User <username> -K Group <group1> -K Group <group2>
to combine the results of different groups. We use OIDC to authenticate to our cluster and users have multiple groups.
Describe the solution you'd like
New parameters for group and user could be used instead of a global kind.
kubectl rolesum -G <group1,group2> -U <username@k8s.io>
to get groups and/or user- Only
-G
would allow for a list since 2 users does not make sense -G
and-U
cannot be combined with ServiceAccountkubectl rolesum <serviceAccount>
can still be used to query SA.-K <kind>
parameter can still be used for backward, but cannot be combined with-G
or-U
Describe alternatives you've considered
Use another tool for that usecase if you know one!