nextcloud-mail-sync: portal RBAC
This commit is contained in:
parent
91106ee298
commit
565fad4522
@ -4,6 +4,7 @@ kind: Kustomization
|
|||||||
namespace: nextcloud
|
namespace: nextcloud
|
||||||
resources:
|
resources:
|
||||||
- cronjob.yaml
|
- cronjob.yaml
|
||||||
|
- portal-rbac.yaml
|
||||||
configMapGenerator:
|
configMapGenerator:
|
||||||
- name: nextcloud-mail-sync-script
|
- name: nextcloud-mail-sync-script
|
||||||
files:
|
files:
|
||||||
|
|||||||
29
services/nextcloud-mail-sync/portal-rbac.yaml
Normal file
29
services/nextcloud-mail-sync/portal-rbac.yaml
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
# services/nextcloud-mail-sync/portal-rbac.yaml
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: Role
|
||||||
|
metadata:
|
||||||
|
name: bstein-dev-home-nextcloud-mail-sync
|
||||||
|
rules:
|
||||||
|
- apiGroups: ["batch"]
|
||||||
|
resources: ["cronjobs"]
|
||||||
|
verbs: ["get"]
|
||||||
|
resourceNames: ["nextcloud-mail-sync"]
|
||||||
|
- apiGroups: ["batch"]
|
||||||
|
resources: ["jobs"]
|
||||||
|
verbs: ["create", "get", "list", "watch"]
|
||||||
|
- apiGroups: [""]
|
||||||
|
resources: ["pods"]
|
||||||
|
verbs: ["get", "list"]
|
||||||
|
---
|
||||||
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
|
kind: RoleBinding
|
||||||
|
metadata:
|
||||||
|
name: bstein-dev-home-nextcloud-mail-sync
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: Role
|
||||||
|
name: bstein-dev-home-nextcloud-mail-sync
|
||||||
|
subjects:
|
||||||
|
- kind: ServiceAccount
|
||||||
|
name: bstein-dev-home
|
||||||
|
namespace: bstein-dev-home
|
||||||
Loading…
x
Reference in New Issue
Block a user