diff options
| author |   Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com> | 2021-10-13 16:21:56 +0000 |
|---|---|---|
| committer | Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com> | 2021-10-13 16:21:56 +0000 |
| commit | 8519241507665598f90e5864dc2f2a0605686a9c (patch) | |
| tree | dae1e15c43b73945e21d2fe237c577d137d17298 /kubernetes/contrib/components/awx/templates/serviceaccount.yaml | |
| parent | f09d817b0f58f89e9db06875e78404e7d978504e (diff) | |
[CONTRIB] Correct serviceaccount for awx
Correct serviceaccount for awx
Issue-ID: OOM-2865
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
Change-Id: Ia8a579623fdee973c6ce77c31eb27a06f6545897
Diffstat (limited to 'kubernetes/contrib/components/awx/templates/serviceaccount.yaml')
| -rw-r--r-- | kubernetes/contrib/components/awx/templates/serviceaccount.yaml | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/kubernetes/contrib/components/awx/templates/serviceaccount.yaml b/kubernetes/contrib/components/awx/templates/serviceaccount.yaml new file mode 100644 index 0000000000..15baf0e308 --- /dev/null +++ b/kubernetes/contrib/components/awx/templates/serviceaccount.yaml @@ -0,0 +1,44 @@ +{{/* +# Copyright © 2019 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "common.fullname" . }}-endpoint-reader + namespace: {{ include "common.namespace" . }} +rules: +- apiGroups: ["", "extensions", "apps", "batch"] + resources: ["endpoints", "deployments", "pods", "replicasets/status", "jobs/status"] + verbs: ["get", "list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "common.fullname" . }}-endpoint-reader + namespace: {{ include "common.namespace" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "common.fullname" . }}-endpoint-reader +subjects: +- kind: ServiceAccount + name: {{ include "common.fullname" . }}
\ No newline at end of file |