---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: beer-deploy
  namespace: beer

---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: beer-deploy-role
  namespace: beer # Should be namespace you are granting access to
rules:
- apiGroups: ["*"]
  resources: ["*"]
  verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: beer-rolebinding
  namespace: beer
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: beer-deploy-role
subjects:
- namespace: beer
  kind: ServiceAccount
  name: beer-deploy

#---
#ApiVersion: v1
#Kind: Secret
#Metadata:
#  name: beer-deploy-secret
#  annotations:
#    kubernetes.io/service-account.name: beer-deploy
#Type: kubernetes.io/service-account-token