gmaliar · February 2, 2019 13:32
diff --git a/auth-reviewr.tf b/auth-reviewr.tf
 resource "kubernetes_service_account" "vault-tokenreview" {
  metadata {
    name = "vault-tokenreview"
  }
 }

 resource "kubernetes_cluster_role_binding" "vault-tokenreview-clusterrolebinding" {
  metadata {
    name = "vault-tokenreviewer"
  }
  role_ref {
    api_group = "rbac.authorization.k8s.io"
    kind = "ClusterRole"
    name = "system:auth-delegator"
  }
  subject {
    api_group = ""
    kind = "ServiceAccount"
    name = "${kubernetes_service_account.vault-tokenreview.metadata.0.name}"
  }
 }
	resource "kubernetes_service_account" "vault-tokenreview" {
	metadata {
	name = "vault-tokenreview"
	}
	}

	resource "kubernetes_cluster_role_binding" "vault-tokenreview-clusterrolebinding" {
	metadata {
	name = "vault-tokenreviewer"
	}
	role_ref {
	api_group = "rbac.authorization.k8s.io"
	kind = "ClusterRole"
	name = "system:auth-delegator"
	}
	subject {
	api_group = ""
	kind = "ServiceAccount"
	name = "${kubernetes_service_account.vault-tokenreview.metadata.0.name}"
	}
	}