hashicorp / hcp-terraform-operator

Kubernetes Operator allows managing HCP Terraform resources via Kubernetes Custom Resources.
https://developer.hashicorp.com/terraform/cloud-docs
Mozilla Public License 2.0
125 stars 32 forks

🚀 Feature Request: Configurable RBAC for Terraform Cloud Operator #490

Closed domino-sbr1 closed 4 days ago

domino-sbr1 commented 1 month ago

Description

As a user, I want the ability to decide whether RBAC should be applied during the Terraform Cloud Operator implementation, especially when the user does not have permission to create roles and role bindings.

This feature would be beneficial for users who operate in environments where RBAC is managed by other teams. It simplifies the deployment process and reduces unnecessary configuration overhead.

Proposed YAML configuration of the values.yaml file

rbac:
  create: true

Proposed YAML configuration of the rolebinding.yaml file

# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0

{{- if .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: {{ .Release.Name }}-leader-election-rolebinding
  namespace: {{ .Release.Namespace }}
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: {{ .Release.Name }}-leader-election-role
subjects:
- kind: ServiceAccount
  name: {{ .Release.Name }}-controller-manager
  namespace: {{ .Release.Namespace }}
{{- end -}}

Please note that the Clusterrolebinding.yaml, Clusterrole.yaml and role.yaml files should also contain similar changes.

References

N/A

Community Note

arybolovlev commented 4 days ago

Closing this as completed.
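
The `rbac.create` gate proposed in this issue can be checked outside a cluster by rendering it with Go's `text/template`, the engine Helm templates are built on. The following is an added example, not code from the issue or from the operator's chart; the release name `demo`, the namespace `tfc-operator`, and the helpers `render` and `hasKey` are assumptions, and the manifest body is abridged. It also renders a variant whose `if` carries a right-trim marker (`-}}`) to show how that folds `apiVersion` into the preceding license comment line.

```go
package main

import (
	"bytes"
	"fmt"
	"strings"
	"text/template"
)

// header and body mirror the rolebinding.yaml layout in the issue (body abridged).
const header = "# Copyright (c) HashiCorp, Inc.\n# SPDX-License-Identifier: MPL-2.0\n\n"
const body = `apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: {{ .Release.Name }}-leader-election-rolebinding
  namespace: {{ .Release.Namespace }}
`

// render wraps body in the given opening gate and executes it with
// constructed Helm-like values (release name and namespace are made up).
func render(open string, create bool) (string, error) {
	t := template.Must(template.New("rolebinding.yaml").Parse(header + open + "\n" + body + "{{- end }}\n"))
	data := map[string]any{
		"Values":  map[string]any{"rbac": map[string]any{"create": create}},
		"Release": map[string]any{"Name": "demo", "Namespace": "tfc-operator"},
	}
	var out bytes.Buffer
	err := t.Execute(&out, data)
	return out.String(), err
}

// hasKey reports whether key starts a line of its own, i.e. it is a real
// top-level YAML key and not text swallowed by a comment line.
func hasKey(manifest, key string) bool {
	for _, line := range strings.Split(manifest, "\n") {
		if strings.HasPrefix(line, key+":") {
			return true
		}
	}
	return false
}

func main() {
	for _, open := range []string{"{{- if .Values.rbac.create }}", "{{- if .Values.rbac.create -}}"} {
		for _, create := range []bool{true, false} {
			out, err := render(open, create)
			fmt.Printf("%-32s create=%-5v apiVersion=%-5v kind=%-5v err=%v\n",
				open, create, hasKey(out, "apiVersion"), hasKey(out, "kind"), err)
		}
	}
}
```

With `create=false` the rendered file contains only the license comments, so nothing RBAC-related reaches the API server and the ServiceAccount's permissions must be provided by whoever manages RBAC in that cluster.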