diff --git a/pkg/kubectl/cmd/create_role.go b/pkg/kubectl/cmd/create_role.go index bc7cd56de1f..1af83daf674 100644 --- a/pkg/kubectl/cmd/create_role.go +++ b/pkg/kubectl/cmd/create_role.go @@ -43,10 +43,10 @@ var ( kubectl create role pod-reader --verb=get --verb=list --verb=watch --resource=pods # Create a Role named "pod-reader" with ResourceName specified - kubectl create role pod-reader --verb=get --verg=list --verb=watch --resource=pods --resource-name=readablepod`)) + kubectl create role pod-reader --verb=get --verb=list --verb=watch --resource=pods --resource-name=readablepod`)) // Valid resource verb list for validation. - validResourceVerbs = []string{"*", "get", "delete", "list", "create", "update", "patch", "watch", "proxy", "redirect", "deletecollection", "use"} + validResourceVerbs = []string{"*", "get", "delete", "list", "create", "update", "patch", "watch", "proxy", "redirect", "deletecollection", "use", "bind", "impersonate"} ) type CreateRoleOptions struct { diff --git a/pkg/kubectl/cmd/create_role_test.go b/pkg/kubectl/cmd/create_role_test.go index 4e7e3187d5c..c9b20b6a7ce 100644 --- a/pkg/kubectl/cmd/create_role_test.go +++ b/pkg/kubectl/cmd/create_role_test.go @@ -203,11 +203,12 @@ func TestValidate(t *testing.T) { }, "test-valid-case": { roleOptions: &CreateRoleOptions{ - Name: "my-role", - Verbs: []string{"get", "list"}, + Name: "role-binder", + Verbs: []string{"get", "list", "bind"}, Resources: []schema.GroupVersionResource{ { - Resource: "pods", + Resource: "roles", + Group: "rbac.authorization.k8s.io", }, }, ResourceNames: []string{"foo"},