feat: ✨ ServiceAccount: Added Role Binding

RoleBinding is a way to bind a Role to a user, group, or ServiceAccount within a namespace. A RoleBinding grants the permissions defined in a Role to the entity associated with the RoleBinding. A RoleBinding consists of two parts: the Role that defines the permissions, and the subject that defines the entity to which the permissions are granted. The subject can be a user, group, or ServiceAccount.
kevencript · Mar 21, 2023 · 9f1a54b · 9f1a54b
1 parent d6493a1
commit 9f1a54b
Showing 1 changed file with 18 additions and 1 deletion.
diff --git a/k8s/service-account.yaml b/k8s/service-account.yaml
@@ -1,8 +1,10 @@
+# Service Accont
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: server-service-account
 ---
+# Role 
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
@@ -11,4 +13,19 @@ metadata:
 rules:
 - apiGroups: [""] # "" Indicates the Core API group
   resources: ["services"] # We are allowing Services
-  verbs: ["get", "watch", "list"] # We can do list operations on Services
+  verbs: ["get", "watch", "list"] # We can do list operations on Services
+---
+# Role Binding
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: service-reader-binding
+  namespace: server
+subjects:
+- kind: ServiceAccount
+  name: server-service-account # ServiceAccount name created above
+  namespace: server # ServiceAccount namespace
+roleRef:
+  kind: Role
+  name: service-reader
+  apiGroup: rbac.authorization.k8s.io