diff options
| author |   Zhaoxing Meng <meng.zhaoxing1@zte.com.cn> | 2018-08-05 01:52:07 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@onap.org> | 2018-08-05 01:52:07 +0000 |
| commit | 8b93fa5325258ed50e6bd5c385a92a473462ec44 (patch) | |
| tree | 3b6750bff69a0383e7e1441f4d73326612af62b9 /install/istio-ingress-rbac.yaml | |
| parent | ea2e95fdb43c0996c5ba58c8648d3a74c956d5e1 (diff) | |
| parent | b8a4a260fee9a4fcc9d479c590fb74872046be58 (diff) | |
Merge "Enable istio RBAC"
Diffstat (limited to 'install/istio-ingress-rbac.yaml')
| -rw-r--r-- | install/istio-ingress-rbac.yaml | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/install/istio-ingress-rbac.yaml b/install/istio-ingress-rbac.yaml new file mode 100644 index 0000000..81bbca6 --- /dev/null +++ b/install/istio-ingress-rbac.yaml @@ -0,0 +1,24 @@ +apiVersion: "rbac.istio.io/v1alpha1" +kind: ServiceRole +metadata: + name: service-viewer + namespace: onap +spec: + rules: + - services: ["*"] + methods: ["GET"] +--- +apiVersion: "rbac.istio.io/v1alpha1" +kind: ServiceRoleBinding +metadata: + name: bind-service-viewer + namespace: onap +spec: + subjects: + - properties: + source.namespace: "istio-system" + - properties: + source.namespace: "default" + roleRef: + kind: ServiceRole + name: "service-viewer" |