forked from galasa-dev/helm
-
Notifications
You must be signed in to change notification settings - Fork 0
/
rbac-admin.yaml
42 lines (39 loc) · 1.02 KB
/
rbac-admin.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#
# Copyright contributors to the Galasa project
#
# SPDX-License-Identifier: EPL-2.0
#
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: galasa-admin
rules:
- apiGroups: [""]
resources: ["services","configmaps","pods","persistentvolumeclaims"]
verbs: ["get","create","update","delete","patch","list","watch"]
- apiGroups: ["apps"]
resources: ["deployments","statefulsets"]
verbs: ["get","create","update","delete","patch","list","watch"]
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["get","create","update","delete","patch","list","watch"]
#
#
# For some reason Helm creates a secret for it's installation, not ideal
#
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get","create","update","delete","patch","list","watch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: galasa-admin
roleRef:
kind: Role
name: galasa-admin
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: User
apiGroup: rbac.authorization.k8s.io
name: ******** a galasa admin user *****