How to find which role or clusterrole binded to a service account in Kubernetes?

Question

Is there a way with kubectl to find out which clusterroles or roles are bound to the service account?

Answer 1

You could do something like:

kubectl get rolebindings,clusterrolebindings \
  --all-namespaces  \
  -o custom-columns='KIND:kind,NAMESPACE:metadata.namespace,NAME:metadata.name,SERVICE_ACCOUNTS:subjects[?(@.kind=="ServiceAccount")].name' | grep "<SERVICE_ACCOUNT_NAME>"

Replace the grep with then name of the service account you are looking for.