Startsida Utforska Hjälp
Registrera dig Logga in
shixiong
/
okd
1
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Bläddra i källkod

don't bind to cluster-admin for OLM

Evan Cordell 6 år sedan
förälder
eedc6728ae
incheckning
ecafbb0aaa
2 ändrade filer med 11 tillägg och 1 borttagningar
Delad Vy Visa Diff Statistik
  1. 10 0
      roles/olm/files/olm-operator.clusterrole.yaml
  2. 1 1
      roles/olm/files/olm-operator.rolebinding.yaml

+ 10 - 0
roles/olm/files/olm-operator.clusterrole.yaml
Visa fil 

@@ -0,0 +1,10 @@
 
+apiVersion: rbac.authorization.k8s.io/v1
 
+kind: ClusterRole
 
+metadata:
 
+  name: system:controller:operator-lifecycle-manager
 
+rules:
 
+- apiGroups: ["*"]
 
+  resources: ["*"]
 
+  verbs: ["*"]
 
+- nonResourceURLs: ["*"]
 
+  verbs: ["*"]

+ 1 - 1
roles/olm/files/olm-operator.rolebinding.yaml
Visa fil 

@@ -5,7 +5,7 @@ metadata:
 
 roleRef:
 
   apiGroup: rbac.authorization.k8s.io
 
   kind: ClusterRole
 
-  name: cluster-admin
 
+  name: system:controller:operator-lifecycle-manager
 
 subjects:
 
 - kind: ServiceAccount
 
   name: olm-operator-serviceaccount