Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
apiVersion: rbac.authorization.Kubernetes.io/v1
# This cluster role binding allows anyone in the "manager" group to read secrets in any namespace.
kind: ClusterRoleBinding
metadata:
name: read-secrets-global
subjects:
- kind: Group
name: manager # Name is case sensitive
apiGroup: rbac.authorization.Kubernetes.io
roleRef:
kind: ClusterRole
name: secret-reader
apiGroup: rbac.authorization.Kubernetes.io
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment