Kubernetes Events binding spec

Detailed documentation on the Kubernetes Events binding component

Component format

To setup Kubernetes Events binding create a component of type bindings.kubernetes. See this guide on how to create and apply a binding configuration.

apiVersion: dapr.io/v1alpha1
kind: Component
  name: <NAME>
  namespace: <NAMESPACE>
  type: bindings.kubernetes
  version: v1
  - name: namespace
    value: <NAMESPACE>
  - name: resyncPeriodInSec
    vale: "<seconds>"

Spec metadata fields

Field Required Binding support Details Example
namespace Y Input The Kubernetes namespace to read events from "default"
resyncPeriodInSec N Te period of time to refresh event list from Kubernetes API server. Defaults to "10" "15"

Binding support

This component supports input binding interface.

Output format

Output received from the binding is of format bindings.ReadResponse with the Data field populated with the following structure:

   "event": "",
   "oldVal": {
     "metadata": {
       "name": "hello-node.162c2661c524d095",
       "namespace": "kube-events",
       "selfLink": "/api/v1/namespaces/kube-events/events/hello-node.162c2661c524d095",
     "involvedObject": {
       "kind": "Deployment",
       "namespace": "kube-events",
     "reason": "ScalingReplicaSet",
     "message": "Scaled up replica set hello-node-7bf657c596 to 1",
   "newVal": {
     "metadata": { "creationTimestamp": "null" },
     "involvedObject": {},
     "source": {},
     "firstTimestamp": "null",
     "lastTimestamp": "null",
     "eventTime": "null",

Three different event types are available:

  • Add : Only the newVal field is populated, oldVal field is an empty v1.Event, event is add
  • Delete : Only the oldVal field is populated, newVal field is an empty v1.Event, event is delete
  • Update : Both the oldVal and newVal fields are populated, event is update

Required permissions

For consuming events from Kubernetes, permissions need to be assigned to a User/Group/ServiceAccount using [RBAC Auth] mechanism of Kubernetes.


One of the rules need to be of the form as below to give permissions to get, watch and list events. API Groups can be as restrictive as needed.

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
  namespace: <NAMESPACE>
  name: <ROLENAME>
- apiGroups: [""]
  resources: ["events"]
  verbs: ["get", "watch", "list"]


apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
  name: <NAME>
  namespace: <NAMESPACE> # same as above
- kind: ServiceAccount
  name: default # or as need be, can be changed
  namespace: <NAMESPACE> # same as above
  kind: Role
  name: <ROLENAME> # same as the one above
  apiGroup: ""