IronCore864/gist:c599a34c8556cbfd0c874a9cccf54947

## gistfile1.txt
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: eks:podsecuritypolicy:privileged
  namespace: kube-system
  labels:
      kubernetes.io/cluster-service: "true"
      eks.amazonaws.com/component: pod-security-policy
rules:
- apiGroups:
  - policy
  resourceNames:
  - privileged
  resources:
  - podsecuritypolicies
  verbs:
  - use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: eks:podsecuritypolicy:privileged
  namespace: kube-system
  annotations:
    kubernetes.io/description: 'Allow service account aws-node to use awsnode psp in kube-system namespace.'
  labels:
    kubernetes.io/cluster-service: "true"
    eks.amazonaws.com/component: pod-security-policy
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: eks:podsecuritypolicy:privileged
subjects:
  - kind: ServiceAccount
    name: aws-node
    namespace: kube-system
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: Role
	metadata:
	name: eks:podsecuritypolicy:privileged
	namespace: kube-system
	labels:
	kubernetes.io/cluster-service: "true"
	eks.amazonaws.com/component: pod-security-policy
	rules:
	- apiGroups:
	- policy
	resourceNames:
	- privileged
	resources:
	- podsecuritypolicies
	verbs:
	- use
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: RoleBinding
	metadata:
	name: eks:podsecuritypolicy:privileged
	namespace: kube-system
	annotations:
	kubernetes.io/description: 'Allow service account aws-node to use awsnode psp in kube-system namespace.'
	labels:
	kubernetes.io/cluster-service: "true"
	eks.amazonaws.com/component: pod-security-policy
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: Role
	name: eks:podsecuritypolicy:privileged
	subjects:
	- kind: ServiceAccount
	name: aws-node
	namespace: kube-system