Files
@ 9d3a9e524ad3
Branch filter:
Location: pomerium/kube/02-roles.yaml - annotation
9d3a9e524ad3
2.0 KiB
text/x-yaml
fuss with ns and stuff to get it working. forward all (over http) to nginx at first
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 | 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 6bf643829330 | apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: pomerium
name: pomerium-controller
namespace: pomerium
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: pomerium
name: pomerium-gen-secrets
namespace: pomerium
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: pomerium
name: pomerium-controller
rules:
- apiGroups:
- ""
resources:
- services
- endpoints
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- services/status
- secrets/status
- endpoints/status
verbs:
- get
- apiGroups:
- networking.k8s.io
resources:
- ingresses
- ingressclasses
verbs:
- get
- list
- watch
- apiGroups:
- networking.k8s.io
resources:
- ingresses/status
verbs:
- get
- patch
- update
- apiGroups:
- ingress.pomerium.io
resources:
- pomerium
verbs:
- get
- list
- watch
- apiGroups:
- ingress.pomerium.io
resources:
- pomerium/status
verbs:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: pomerium
name: pomerium-gen-secrets
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: pomerium
name: pomerium-controller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: pomerium-controller
subjects:
- kind: ServiceAccount
name: pomerium-controller
namespace: pomerium
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: pomerium
name: pomerium-gen-secrets
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: pomerium-gen-secrets
subjects:
- kind: ServiceAccount
name: pomerium-gen-secrets
namespace: pomerium
|