Closed rlewkowicz closed 3 years ago
I deployed this helm chart and it creates a service account, which doesn't have permissions to do stuff
Failed to list *v1.ConfigMap: Unauthorized
I created a role binding and just bound it to cluster admin, but thats probably overkill:
kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: ak-sabinding namespace: avi-system subjects: - kind: ServiceAccount name: ako-sa namespace: avi-system roleRef: kind: Role name: cluster-admin apiGroup: rbac.authorization.k8s.io
Whats your recommendation on role permissions?
I deployed this helm chart and it creates a service account, which doesn't have permissions to do stuff
I created a role binding and just bound it to cluster admin, but thats probably overkill:
Whats your recommendation on role permissions?