Skip to content

Instantly share code, notes, and snippets.

@amcginlay
Last active November 11, 2022 12:32
Show Gist options
  • Save amcginlay/ab6131cd49def46002c8103eaa7487a7 to your computer and use it in GitHub Desktop.
Save amcginlay/ab6131cd49def46002c8103eaa7487a7 to your computer and use it in GitHub Desktop.
---
apiVersion: policy.cert-manager.io/v1alpha1
kind: CertificateRequestPolicy
metadata:
name: accept-all
spec:
allowed:
dnsNames:
values:
- "*"
selector:
issuerRef:
name: "*"
kind: "*Issuer"
group: cert-manager.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cert-manager-policy:accept-all
rules:
- apiGroups: ["policy.cert-manager.io"]
resources: ["certificaterequestpolicies"]
verbs: ["use"]
resourceNames: ["accept-all"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: cert-manager-policy:accept-all
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cert-manager-policy:accept-all
subjects:
- kind: ServiceAccount
name: cert-manager
namespace: jetstack-secure
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment