Open metalmatze opened 5 years ago
I don't think this operator needs all verbs on these Kubernetes objects. We should make sure to have less access.
# Allow actions on basic Kubernetes objects - apiGroups: [""] resources: - configmaps - secrets - pods - services - serviceaccounts - serviceaccounts/token - endpoints - events verbs: ["*"]
Any update? It can be so dangerous too. I'd appreciate if you can restrict accesses.
I don't think this operator needs all verbs on these Kubernetes objects. We should make sure to have less access.