examples/additional_ns_rbac.yaml from appuio/tailscale-service-observer

examples/additional_ns_rbac.yaml

Summary

Maintainability

Test Coverage

Issues
Source
Stats

Issues

# RBAC rules for allowing the observer to access an additional namespace
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: tailscale
rules:
  - apiGroups:
      - ""
    resources:
      - services
    verbs:
      - get
      - list
      - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: tailscale
subjects:
  - kind: ServiceAccount
    name: tailscale
    namespace: TS_NAMESPACE
roleRef:
  kind: Role
  name: tailscale
  apiGroup: rbac.authorization.k8s.io