Open hisener opened 3 years ago
Halyard role binding uses default ClusterRole edit, but it allows read/write access to most objects (kubectl describe clusterrole edit). Would it be possible to create a Role object with only required privileges?
edit
kubectl describe clusterrole edit
Role
https://github.com/OpsMx/spinnaker-helm/blob/2a0f39ec9d6d0b68c1a351b1e6cc6e12fbc5b847/templates/rbac/rolebinding.yaml#L7-L10
Best.
I have a fix for this, I'll be creating a PR soon
Hey @abhinaybyrisetty. Thanks for picking this up! Do you have an update?
Halyard role binding uses default ClusterRole
edit
, but it allows read/write access to most objects (kubectl describe clusterrole edit
). Would it be possible to create aRole
object with only required privileges?https://github.com/OpsMx/spinnaker-helm/blob/2a0f39ec9d6d0b68c1a351b1e6cc6e12fbc5b847/templates/rbac/rolebinding.yaml#L7-L10
Best.