We should follow the "least privilege" principle and double check the needed permissions. Moreover, we should split up the privilege for the installation process and the operation.
User Story
As a user I want to have a serviceAccount with least privileges in order to reduce the attack surface of my cluster.
Implementation idea
Updated the rbac.yamland introduce a new serviceAccount for the installation process.
Description
We should follow the "least privilege" principle and double check the needed permissions. Moreover, we should split up the privilege for the installation process and the operation.
User Story
As a user I want to have a serviceAccount with least privileges in order to reduce the attack surface of my cluster.
Implementation idea
Updated the
rbac.yamland introduce a new serviceAccount for the installation process.