titan-iac/services/maintenance/ariadne-rbac.yaml


# services/maintenance/ariadne-rbac.yaml
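# ClusterRole for the ariadne service: read and create batch workloads, read
# and delete pods, and open exec sessions into pods.
# Nesting is restored here; with every line at column 0 the document does not
# parse into a valid RBAC object (keys such as `resources` and `verbs` repeat
# at the top level).
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: ariadne-job-spawner
rules:
  # Read Jobs and CronJobs and create new ones.
  # NOTE(review): permission to create workloads in a namespace implicitly
  # grants use of the Secrets, ConfigMaps and service accounts that a pod in
  # that namespace can mount. Bound cluster-wide, this applies to every
  # namespace, kube-system included. Confirm which namespaces ariadne really
  # needs to spawn jobs in.
  - apiGroups: ["batch"]
    resources:
      - jobs
      - cronjobs
    verbs:
      - get
      - list
      - watch
      - create
  # Observe pods and delete them (no create/update/patch on pods directly).
  - apiGroups: [""]
    resources:
      - pods
    verbs:
      - get
      - list
      - watch
      - delete
  # `create` on the pods/exec subresource is what authorizes `kubectl exec`.
  # NOTE(review): this is the most sensitive rule in the role. It allows
  # running commands inside any container the binding reaches, with that
  # container's credentials and mounted secrets. If exec is only needed
  # against ariadne's own job pods, grant it through a namespaced binding, and
  # make sure API audit logging records pods/exec requests from this subject.
  - apiGroups: [""]
    resources:
      - pods/exec
    verbs:
      - create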
---
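# Binds the ariadne-job-spawner ClusterRole to the `ariadne` service account
# in the `maintenance` namespace.
# Nesting is restored here; with every line at column 0 the subject and
# roleRef fields collapse into duplicate top-level keys.
# NOTE(review): a ClusterRoleBinding grants the role's rules in ALL
# namespaces. Any pod running as maintenance/ariadne, or anything able to
# obtain that service account's token, inherits job creation, pod deletion and
# pod exec cluster-wide. If ariadne only operates on a known set of
# namespaces, a RoleBinding in each of them that references the same
# ClusterRole would keep the rules and narrow the reach.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: ariadne-job-spawner
subjects:
  - kind: ServiceAccount
    name: ariadne
    namespace: maintenance
# roleRef is immutable after creation; changing the referenced role means
# deleting and recreating the binding.
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: ariadne-job-spawner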