github.com/verrazzano/verrazzano@v1.7.0/platform-operator/helm_config/charts/verrazzano-monitoring-operator/templates/clusterrolebinding.yaml (about) 1 # Copyright (c) 2022, Oracle and/or its affiliates. 2 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 4 apiVersion: rbac.authorization.k8s.io/v1 5 kind: ClusterRoleBinding 6 metadata: 7 labels: 8 k8s-app: {{ .Values.monitoringOperator.name }} 9 name: {{ .Values.monitoringOperator.name }}-cluster-role-binding 10 roleRef: 11 apiGroup: rbac.authorization.k8s.io 12 kind: ClusterRole 13 name: {{ .Values.monitoringOperator.name }}-cluster-role 14 subjects: 15 - kind: ServiceAccount 16 name: {{ .Values.monitoringOperator.name }} 17 namespace: {{ .Release.Namespace }} 18 --- 19 apiVersion: rbac.authorization.k8s.io/v1 20 kind: ClusterRoleBinding 21 metadata: 22 labels: 23 k8s-app: {{ .Values.monitoringOperator.name }} 24 name: {{ .Values.monitoringOperator.name }}-cluster-role-default-binding 25 roleRef: 26 apiGroup: rbac.authorization.k8s.io 27 kind: ClusterRole 28 name: {{ .Values.monitoringOperator.name }}-cluster-role 29 subjects: 30 - kind: ServiceAccount 31 name: default 32 namespace: {{ .Release.Namespace }} 33 --- 34 # grants role allowing permission to list nodes to all system:serviceaccounts (pods). 35 apiVersion: rbac.authorization.k8s.io/v1 36 kind: ClusterRoleBinding 37 metadata: 38 name: {{ .Values.monitoringOperator.name }}-get-nodes 39 roleRef: 40 apiGroup: rbac.authorization.k8s.io 41 kind: ClusterRole 42 name: {{ .Values.monitoringOperator.name }}-get-nodes 43 subjects: 44 - kind: Group 45 name: system:serviceaccounts 46 apiGroup: rbac.authorization.k8s.io