Skip to content

Instantly share code, notes, and snippets.

@johanngyger

johanngyger/vault-rbac.yaml

Last active April 23, 2019 04:28
Show Gist options
  • Save johanngyger/fdc8594d6fc3173a8ebe0f6bc101a1f2 to your computer and use it in GitHub Desktop.
Save johanngyger/fdc8594d6fc3173a8ebe0f6bc101a1f2 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
vault-rbac.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: vault-serviceaccount
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: vault-clusterrolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:auth-delegator
subjects:
- kind: ServiceAccount
name: vault-serviceaccount
namespace: default
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: vault-secretadmin-role
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["*"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: vault-secretadmin-rolebinding
subjects:
- kind: ServiceAccount
name: vault-serviceaccount
roleRef:
kind: Role
name: vault-secretadmin-role
apiGroup: rbac.authorization.k8s.io
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment