From 873bea2b6dc3ba03f59d003a7d0c7b89842b9645 Mon Sep 17 00:00:00 2001
From: esteramine <55351011+esteramine@users.noreply.github.com>
Date: Sun, 20 Jul 2025 09:27:06 +0800
Subject: [PATCH] kubectl-auth: add page (#17207)

* kubectl: add page for auth command

* Update pages/common/kubectl-auth.md

Co-authored-by: Managor <42655600+Managor@users.noreply.github.com>

---------

Co-authored-by: Managor <42655600+Managor@users.noreply.github.com>
---
 pages/common/kubectl-auth.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 pages/common/kubectl-auth.md

diff --git a/pages/common/kubectl-auth.md b/pages/common/kubectl-auth.md
new file mode 100644
index 0000000000..f17bf1150a
--- /dev/null
+++ b/pages/common/kubectl-auth.md
@@ -0,0 +1,20 @@
+# kubectl auth
+
+> Inspect access permissions in a Kubernetes cluster.
+> More information: <https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#auth>.
+
+- Check if the current user can perform all actions on all resources in a specific namespace:
+
+`kubectl auth can-i '*' '*' {{[-n|--namespace]}} {{namespace}}`
+
+- Check if the current user can perform a specific verb on a specific resource:
+
+`kubectl auth can-i {{verb}} {{resource}} {{[-n|--namespace]}} {{namespace}}`
+
+- Check if a specific user or service account can perform an action on a resource:
+
+`kubectl auth can-i {{verb}} {{resource}} {{[-n|--namespace]}} {{namespace}} --as {{user_or_sa}}`
+
+- List all actions the current user is allowed to perform in a namespace:
+
+`kubectl auth can-i --list {{[-n|--namespace]}} {{namespace}}`