diff --git a/cluster/addons/e2e-rbac-bindings/kubelet-binding.yaml b/cluster/addons/e2e-rbac-bindings/kubelet-binding.yaml index bb409cad194..066e28b101d 100644 --- a/cluster/addons/e2e-rbac-bindings/kubelet-binding.yaml +++ b/cluster/addons/e2e-rbac-bindings/kubelet-binding.yaml @@ -3,7 +3,7 @@ # TODO cjcullen should figure out how wants to manage his upgrade # this will only hold the e2e tests until we get an authorizer # which authorizes particular nodes -apiVersion: rbac.authorization.k8s.io/v1alpha1 +apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: kubelet-cluster-admin @@ -14,6 +14,6 @@ roleRef: kind: ClusterRole name: system:node subjects: -- apiVersion: rbac/v1alpha1 +- apiGroup: rbac.authorization.k8s.io kind: User name: kubelet diff --git a/cluster/addons/e2e-rbac-bindings/random-addon-grabbag.yaml b/cluster/addons/e2e-rbac-bindings/random-addon-grabbag.yaml index 0e47f35d031..f27c2222497 100644 --- a/cluster/addons/e2e-rbac-bindings/random-addon-grabbag.yaml +++ b/cluster/addons/e2e-rbac-bindings/random-addon-grabbag.yaml @@ -3,7 +3,7 @@ # the system:serviceaccount:kube-system:default identity. We need to subdivide # those service accounts, figure out which ones we're going to make bootstrap roles for # and bind those particular roles in the addon yaml itself. This just gets us started -apiVersion: rbac.authorization.k8s.io/v1alpha1 +apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: todo-remove-grabbag-cluster-admin diff --git a/examples/podsecuritypolicy/rbac/bindings.yaml b/examples/podsecuritypolicy/rbac/bindings.yaml index 8a2c7c9c92d..b07f99ee21b 100644 --- a/examples/podsecuritypolicy/rbac/bindings.yaml +++ b/examples/podsecuritypolicy/rbac/bindings.yaml @@ -1,12 +1,12 @@ # privilegedPSP gives the privilegedPSP role # to the group privileged. -apiVersion: rbac.authorization.k8s.io/v1alpha1 +apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: privileged-psp-users subjects: - kind: Group - apiVersion: rbac.authorization.k8s.io/v1alpha1 + apiGroup: rbac.authorization.k8s.io name: privileged-psp-users roleRef: apiGroup: rbac.authorization.k8s.io @@ -15,16 +15,16 @@ roleRef: --- # restrictedPSP grants the restrictedPSP role to # the groups restricted and privileged. -apiVersion: rbac.authorization.k8s.io/v1alpha1 +apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: restricted-psp-users subjects: - kind: Group - apiVersion: rbac.authorization.k8s.io/v1alpha1 + apiGroup: rbac.authorization.k8s.io name: restricted-psp-users - kind: Group - apiVersion: rbac.authorization.k8s.io/v1alpha1 + apiGroup: rbac.authorization.k8s.io name: privileged-psp-users roleRef: apiGroup: rbac.authorization.k8s.io @@ -32,16 +32,16 @@ roleRef: name: restricted-psp-user --- # edit grants edit role to system:authenticated. -apiVersion: rbac.authorization.k8s.io/v1alpha1 +apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: edit subjects: - kind: Group - apiVersion: rbac.authorization.k8s.io/v1alpha1 + apiGroup: rbac.authorization.k8s.io name: privileged-psp-users - kind: Group - apiVersion: rbac.authorization.k8s.io/v1alpha1 + apiGroup: rbac.authorization.k8s.io name: restricted-psp-users roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/examples/podsecuritypolicy/rbac/roles.yaml b/examples/podsecuritypolicy/rbac/roles.yaml index 553cc76cf93..43aecf2a09a 100644 --- a/examples/podsecuritypolicy/rbac/roles.yaml +++ b/examples/podsecuritypolicy/rbac/roles.yaml @@ -1,6 +1,6 @@ # restrictedPSP grants access to use # the restricted PSP. -apiVersion: rbac.authorization.k8s.io/v1alpha1 +apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: restricted-psp-user @@ -16,7 +16,7 @@ rules: --- # privilegedPSP grants access to use the privileged # PSP. -apiVersion: rbac.authorization.k8s.io/v1alpha1 +apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: privileged-psp-user diff --git a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/heapster-binding.yaml b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/heapster-binding.yaml index 179b2402939..a9ddfe77cd4 100644 --- a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/heapster-binding.yaml +++ b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/heapster-binding.yaml @@ -1,5 +1,5 @@ # This is the role binding for the kubemark heapster. -apiVersion: rbac.authorization.k8s.io/v1alpha1 +apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: heapster-view-binding @@ -10,6 +10,6 @@ roleRef: kind: ClusterRole name: system:heapster subjects: -- apiVersion: rbac/v1alpha1 +- apiGroup: rbac.authorization.k8s.io kind: User name: system:heapster diff --git a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubecfg-binding.yaml b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubecfg-binding.yaml index 2cbf596282c..1f44b9af69b 100644 --- a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubecfg-binding.yaml +++ b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/kubecfg-binding.yaml @@ -2,7 +2,7 @@ # used for listing hollow-nodes in start-kubemark.sh and # send resource creation requests, etc in run-e2e-tests.sh. # Also useful if you manually want to use local kubectl. -apiVersion: rbac.authorization.k8s.io/v1alpha1 +apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: kubecfg-cluster-admin @@ -13,6 +13,6 @@ roleRef: kind: ClusterRole name: cluster-admin subjects: -- apiVersion: rbac/v1alpha1 +- apiGroup: rbac.authorization.k8s.io kind: User name: kubecfg diff --git a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/npd-binding.yaml b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/npd-binding.yaml index 8dd97f853a9..7979b25cfc3 100644 --- a/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/npd-binding.yaml +++ b/test/kubemark/resources/manifests/addons/kubemark-rbac-bindings/npd-binding.yaml @@ -1,5 +1,5 @@ # This is the role binding for the node-problem-detector. -apiVersion: rbac.authorization.k8s.io/v1alpha1 +apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: node-problem-detector-binding @@ -10,6 +10,6 @@ roleRef: kind: ClusterRole name: system:node-problem-detector subjects: -- apiVersion: rbac/v1alpha1 +- apiGroup: rbac.authorization.k8s.io kind: User name: system:node-problem-detector