| Giorgi Lekveishvili | efc43ea | 2024-09-09 19:11:41 +0400 | [diff] [blame] | 1 | apiVersion: rbac.authorization.k8s.io/v1 |
| 2 | kind: Role |
| 3 | metadata: |
| Giorgi Lekveishvili | b451c2f | 2024-09-11 19:03:52 +0400 | [diff] [blame] | 4 | name: {{ .Values.serviceAccountName }}-access-secrets |
| Giorgi Lekveishvili | efc43ea | 2024-09-09 19:11:41 +0400 | [diff] [blame] | 5 | namespace: {{ .Release.Namespace }} |
| 6 | rules: |
| 7 | - apiGroups: [""] |
| 8 | resources: ["secrets"] |
| Giorgi Lekveishvili | 1c9e61e | 2024-09-11 13:25:34 +0400 | [diff] [blame] | 9 | verbs: ["get", "watch", "list", "patch", "update", "create"] |
| Giorgi Lekveishvili | efc43ea | 2024-09-09 19:11:41 +0400 | [diff] [blame] | 10 | --- |
| 11 | apiVersion: rbac.authorization.k8s.io/v1 |
| 12 | kind: RoleBinding |
| 13 | metadata: |
| Giorgi Lekveishvili | b451c2f | 2024-09-11 19:03:52 +0400 | [diff] [blame] | 14 | name: {{ .Values.serviceAccountName }}-access-secrets |
| Giorgi Lekveishvili | efc43ea | 2024-09-09 19:11:41 +0400 | [diff] [blame] | 15 | namespace: {{ .Release.Namespace }} |
| 16 | subjects: |
| 17 | - kind: ServiceAccount |
| 18 | name: {{ .Values.serviceAccountName }} |
| 19 | namespace: {{ .Release.Namespace }} |
| 20 | roleRef: |
| 21 | kind: Role |
| Giorgi Lekveishvili | b451c2f | 2024-09-11 19:03:52 +0400 | [diff] [blame] | 22 | name: {{ .Values.serviceAccountName }}-access-secrets |
| Giorgi Lekveishvili | efc43ea | 2024-09-09 19:11:41 +0400 | [diff] [blame] | 23 | apiGroup: rbac.authorization.k8s.io |