Merge pull request #181 from mattmoyer/add-psp-cluster-role-permission

Give the concierge access to use any PodSecurityPolicy.
This commit is contained in:
Matt Moyer 2020-11-02 15:35:56 -06:00 committed by GitHub
commit e4f4cd7ca0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -21,6 +21,9 @@ rules:
- apiGroups: [ admissionregistration.k8s.io ] - apiGroups: [ admissionregistration.k8s.io ]
resources: [ validatingwebhookconfigurations, mutatingwebhookconfigurations ] resources: [ validatingwebhookconfigurations, mutatingwebhookconfigurations ]
verbs: [ get, list, watch ] verbs: [ get, list, watch ]
- apiGroups: [ policy ]
resources: [ podsecuritypolicies ]
verbs: [ use ]
--- ---
kind: ClusterRoleBinding kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1