Merge pull request #181 from mattmoyer/add-psp-cluster-role-permission

Give the concierge access to use any PodSecurityPolicy.
2020-11-02 15:35:56 -06:00 · 2020-11-02 15:35:56 -06:00 · e4f4cd7ca0
parent 7639d5e161 935577f8e7
commit e4f4cd7ca0
1 changed files with 3 additions and 0 deletions
--- a/deploy/concierge/rbac.yaml
+++ b/deploy/concierge/rbac.yaml
@ -21,6 +21,9 @@ rules:
  - apiGroups: [ admissionregistration.k8s.io ]
    resources: [ validatingwebhookconfigurations, mutatingwebhookconfigurations ]
    verbs: [ get, list, watch ]
  - apiGroups: [ policy ]
    resources: [ podsecuritypolicies ]
    verbs: [ use ]
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1