github.com/fafucoder/cilium@v1.6.11/examples/kubernetes-ingress/deployments/coredns-sa.yaml (about) 1 --- 2 apiVersion: v1 3 kind: ServiceAccount 4 metadata: 5 name: coredns 6 namespace: kube-system 7 labels: 8 kubernetes.io/cluster-service: "true" 9 addonmanager.kubernetes.io/mode: Reconcile 10 --- 11 apiVersion: rbac.authorization.k8s.io/v1 12 kind: ClusterRole 13 metadata: 14 labels: 15 kubernetes.io/bootstrapping: rbac-defaults 16 addonmanager.kubernetes.io/mode: Reconcile 17 name: system:coredns 18 rules: 19 - apiGroups: 20 - "" 21 resources: 22 - endpoints 23 - services 24 - pods 25 - namespaces 26 verbs: 27 - list 28 - watch 29 - apiGroups: 30 - "" 31 resources: 32 - nodes 33 verbs: 34 - get 35 --- 36 apiVersion: rbac.authorization.k8s.io/v1 37 kind: ClusterRoleBinding 38 metadata: 39 annotations: 40 rbac.authorization.kubernetes.io/autoupdate: "true" 41 labels: 42 kubernetes.io/bootstrapping: rbac-defaults 43 addonmanager.kubernetes.io/mode: EnsureExists 44 name: system:coredns 45 roleRef: 46 apiGroup: rbac.authorization.k8s.io 47 kind: ClusterRole 48 name: system:coredns 49 subjects: 50 - kind: ServiceAccount 51 name: coredns 52 namespace: kube-system