Skip to content

Instantly share code, notes, and snippets.

@rssnyder
Created June 24, 2026 15:04
Show Gist options
  • Select an option

  • Save rssnyder/b530cb7a3ead2e3c1c0df56d58e5b522 to your computer and use it in GitHub Desktop.

Select an option

Save rssnyder/b530cb7a3ead2e3c1c0df56d58e5b522 to your computer and use it in GitHub Desktop.
argocd spoke service account
apiVersion: v1
kind: ServiceAccount
metadata:
name: argocd-manager
namespace: kube-system
---
apiVersion: v1
kind: Secret
metadata:
name: argocd-manager-token
namespace: kube-system
annotations:
kubernetes.io/service-account.name: argocd-manager
type: kubernetes.io/service-account-token
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: argocd-manager-role
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["*"]
- nonResourceURLs: ["*"]
verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: argocd-manager-role-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: argocd-manager-role
subjects:
- kind: ServiceAccount
name: argocd-manager
namespace: kube-system
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment