...
1apiVersion: v1
2kind: ServiceAccount
3metadata:
4 name: firewallctl
5 namespace: firewallctl
6---
7apiVersion: rbac.authorization.k8s.io/v1
8kind: ClusterRole
9metadata:
10 name: firewallctl
11rules:
12- resources:
13 - clusterfirewall
14 apiGroups:
15 - dsds.edge.ncr.com
16 verbs:
17 - get
18 - list
19 - watch
20 - create
21 - update
22 - patch
23- resources:
24 - nodefirewall
25 apiGroups:
26 - dsds.edge.ncr.com
27 verbs:
28 - get
29 - list
30 - watch
31 - create
32 - update
33 - delete
34 - patch
35- resources:
36 - nodes
37 apiGroups:
38 - ""
39 verbs:
40 - get
41 - list
42 - watch
43---
44apiVersion: rbac.authorization.k8s.io/v1
45kind: ClusterRoleBinding
46metadata:
47 name: firewallctl
48roleRef:
49 name: firewallctl
50 kind: ClusterRole
51 apiGroup: rbac.authorization.k8s.io
52subjects:
53- name: firewallctl
54 namespace: firewallctl
55 kind: ServiceAccount
View as plain text