Skip to content

Instantly share code, notes, and snippets.

@icy

icy/fluxcd-rbac.yaml

Created January 8, 2020 14:47
Show Gist options
  • Save icy/3d21c1e8d2faea8eeda650c870bf5590 to your computer and use it in GitHub Desktop.
Save icy/3d21c1e8d2faea8eeda650c870bf5590 to your computer and use it in GitHub Desktop.
Download ZIP
fluxcd-rbac.yaml
Raw
fluxcd-rbac.yaml
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: flux
namespace: demo
labels:
name: flux
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flux
subjects:
- kind: ServiceAccount
name: flux
namespace: flux
---
# The service account, cluster roles, and cluster role binding are
# only needed for Kubernetes with role-based access control (RBAC).
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
name: flux
name: flux
namespace: flux
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: flux-readonly
labels:
name: flux
rules:
- apiGroups: ["", "*"]
resources: ["*"]
verbs: ["list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
name: flux
name: flux
rules:
- apiGroups: ["", "*"]
resources: ["*"]
verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
labels:
name: flux
name: flux-readonly
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flux-readonly
subjects:
- kind: ServiceAccount
name: flux
namespace: flux
---
apiVersion: v1
kind: Secret
metadata:
name: flux-git-deploy
namespace: flux
type: Opaque
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment