diff --git a/kube/beer-serviceaccount.yaml b/kube/beer-serviceaccount.yaml new file mode 100644 index 0000000..e028118 --- /dev/null +++ b/kube/beer-serviceaccount.yaml @@ -0,0 +1,41 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: beer-deploy + namespace: beer + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: beer-deploy-role + namespace: beer # Should be namespace you are granting access to +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: beer-rolebinding + namespace: beer +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: beer-deploy-role +subjects: +- namespace: beer + kind: ServiceAccount + name: beer-deploy + +#--- +#ApiVersion: v1 +#Kind: Secret +#Metadata: +# name: beer-deploy-secret +# annotations: +# kubernetes.io/service-account.name: beer-deploy +#Type: kubernetes.io/service-account-token +