Open bygui86 opened 3 years ago
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions!
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions!
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions!
removed the help wanted label as:
Describe the bug: I think that RBAC and PSP applied to logging-operator, fluent-bit and fluentd are too permissive.
Proposal: I propose following RBAC and PSP to restrict as much as possible permissions to components, without jeopardizing or influencing normal functionalities:
operator RBAC + PSP:
fluent-bit RBAC + PSP:
fluentd RBAC + PSP:
logging usage example:
Environment details: Above proposal were tested on an environment with following details:
Looking forward your feedback!!
/kind bug