Created
March 6, 2017 19:42
-
-
Save InAnimaTe/727d6a1fd306598c68c3e128ff561d3e to your computer and use it in GitHub Desktop.
example rbac (non-cluster roles)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kind: Role | |
| apiVersion: rbac.authorization.k8s.io/v1alpha1 | |
| metadata: | |
| name: {{ template "fullname" . }} | |
| rules: | |
| - apiGroups: ["*"] | |
| resources: ["*"] | |
| verbs: ["get", "watch", "list"] | |
| nonResourceURLs: [] | |
| --- | |
| kind: RoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1alpha1 | |
| metadata: | |
| name: {{ template "fullname" . }} | |
| subjects: | |
| # The subject is the target service account | |
| - kind: ServiceAccount | |
| name: {{ template "fullname" . }} | |
| roleRef: | |
| # The roleRef specifies the role to give to the | |
| # service account. | |
| kind: Role | |
| name: {{ template "fullname" . }} # Tectonic also provides "readonly", "user", and "admin" cluster roles. | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| kind: ServiceAccount | |
| apiVersion: v1 | |
| metadata: | |
| name: {{ template "fullname" . }} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is a helm template for creating the entirety of needed permissions for an application.