sbueringer/blog-opa-example1-cr.yaml

## blog-opa-example1-cr.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: pods
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["create", "update", "delete"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: user-pods
subjects:
- kind: Group
  name: user
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: pods
  apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	apiVersion: rbac.authorization.k8s.io/v1
	metadata:
	name: pods
	rules:
	- apiGroups: [""]
	resources: ["pods"]
	verbs: ["create", "update", "delete"]
	---
	kind: ClusterRoleBinding
	apiVersion: rbac.authorization.k8s.io/v1
	metadata:
	name: user-pods
	subjects:
	- kind: Group
	name: user
	apiGroup: rbac.authorization.k8s.io
	roleRef:
	kind: ClusterRole
	name: pods
	apiGroup: rbac.authorization.k8s.io