Lineage
read-only · v1.0
static mock demo — no cluster connection, no oc, no credentials
Static mock demo. This page uses a small bundled sample dataset. It does not connect to a cluster, run oc, or read local credentials.

User future-hire@company.com ghost

Reach

Where this subject's permissions land. Cluster-wide grants reach every namespace; namespace-scoped grants are listed individually.

Cluster-wide (1)

RoleViaBinding
admin direct ClusterRoleBinding/ghost-future-employee

Effective permissions (1 path)

Each path is one (role, scope, group-membership) combination. Click Show rules to see the underlying API rules.

Cluster-wide * wildcard 3 rules
User future-hire@company.com
bound by
ClusterRoleBinding ghost-future-employee
grants
ClusterRole admin privileged
Verbs: *createdeletegetlistpatchupdatewatch  Resources: configmapsdeploymentspodsrolebindingsrolessecrets  API groups: apps, core, rbac.authorization.k8s.io
Aggregated from admin-workloads, admin-rbac
API groupResourcesVerbsFrom
apps deployments * admin-workloads
core pods, secrets, configmaps * admin-workloads
rbac.authorization.k8s.io roles, rolebindings get, list, watch, create, update, patch, delete admin-rbac