Skip to content

Instantly share code, notes, and snippets.

@guygrip
Created May 18, 2022 16:38
Show Gist options
  • Save guygrip/5c52659f7e3a5cf16873a4a1f8efbfca to your computer and use it in GitHub Desktop.
Save guygrip/5c52659f7e3a5cf16873a4a1f8efbfca to your computer and use it in GitHub Desktop.
apiVersion: rbac.authorization.Kubernetes.io/v1
# This cluster role binding allows anyone in the "manager" group to read secrets in any namespace.
kind: ClusterRoleBinding
metadata:
name: read-secrets-global
subjects:
- kind: Group
name: manager # Name is case sensitive
apiGroup: rbac.authorization.Kubernetes.io
roleRef:
kind: ClusterRole
name: secret-reader
apiGroup: rbac.authorization.Kubernetes.io
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment