From 9f1a54bfadcda2d3847173b563c57e3c0122370d Mon Sep 17 00:00:00 2001
From: kevencript <kevencript@gmail.com>
Date: Tue, 21 Mar 2023 17:49:28 -0300
Subject: [PATCH] feat: :sparkles: ServiceAccount: Added Role Binding

RoleBinding is a way to bind a Role to a user, group, or ServiceAccount within a namespace. A RoleBinding grants the permissions defined in a Role to the entity associated with the RoleBinding.  A RoleBinding consists of two parts: the Role that defines the permissions, and the subject that defines the entity to which the permissions are granted. The subject can be a user, group, or ServiceAccount.
---
 k8s/service-account.yaml | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/k8s/service-account.yaml b/k8s/service-account.yaml
index 3ac65c6..8f7bf4f 100644
--- a/k8s/service-account.yaml
+++ b/k8s/service-account.yaml
@@ -1,8 +1,10 @@
+# Service Accont
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: server-service-account
 ---
+# Role 
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
@@ -11,4 +13,19 @@ metadata:
 rules:
 - apiGroups: [""] # "" Indicates the Core API group
   resources: ["services"] # We are allowing Services
-  verbs: ["get", "watch", "list"] # We can do list operations on Services
\ No newline at end of file
+  verbs: ["get", "watch", "list"] # We can do list operations on Services
+---
+# Role Binding
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: service-reader-binding
+  namespace: server
+subjects:
+- kind: ServiceAccount
+  name: server-service-account # ServiceAccount name created above
+  namespace: server # ServiceAccount namespace
+roleRef:
+  kind: Role
+  name: service-reader
+  apiGroup: rbac.authorization.k8s.io