Skip to content

Instantly share code, notes, and snippets.

Last active October 30, 2021 17:04
  • Star 69 You must be signed in to star a gist
  • Fork 14 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
Helm RBAC setup for K8s v1.6+ (tested on minikube)
kubectl -n kube-system create sa tiller
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
helm init --service-account tiller
Copy link

tmc commented Nov 1, 2017

A discussion of the security implications here would be useful.

Copy link

Tested on 1.8.3. Works too! Thanks man

Copy link

@tmc I think with this, anyone who has enough access to talk to tiller (which requires you be able to use the k8s API to port forward or exec I think) has root on the cluster.

Copy link

ghost commented Dec 6, 2017

Thanks. had been stuck for hours...

Copy link

jengo commented Jan 18, 2018

Awesome thanks!

Copy link

Thanks a lot, it saves me a lot of hours....

Copy link

Thanks a lot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment