From 58a8f1f6326918d7d41626d97d3f525fa2f6802b Mon Sep 17 00:00:00 2001 From: cnorville90 Date: Tue, 8 Aug 2023 16:37:04 -0600 Subject: [PATCH] edit-rolebinding (#48) * edit-rolebinding * update: rb to group for aap * update: kustomization.yaml to activate config * create aap-admins for ns edit role * adding aap-admins group --------- Co-authored-by: Cory Latschkowski --- .../rbac/overlays/hou-edge/aap-admins-group.yaml | 6 ++++++ .../overlays/hou-edge/aap-edit-ns-rolebinding.yaml | 12 ++++++++++++ .../rbac/overlays/hou-edge/kustomization.yaml | 2 ++ 3 files changed, 20 insertions(+) create mode 100644 components/configs/rbac/overlays/hou-edge/aap-admins-group.yaml create mode 100644 components/configs/rbac/overlays/hou-edge/aap-edit-ns-rolebinding.yaml diff --git a/components/configs/rbac/overlays/hou-edge/aap-admins-group.yaml b/components/configs/rbac/overlays/hou-edge/aap-admins-group.yaml new file mode 100644 index 0000000..0ea4b87 --- /dev/null +++ b/components/configs/rbac/overlays/hou-edge/aap-admins-group.yaml @@ -0,0 +1,6 @@ +kind: Group +apiVersion: user.openshift.io/v1 +metadata: + name: aap-admins +users: +- cnorville90 diff --git a/components/configs/rbac/overlays/hou-edge/aap-edit-ns-rolebinding.yaml b/components/configs/rbac/overlays/hou-edge/aap-edit-ns-rolebinding.yaml new file mode 100644 index 0000000..54049aa --- /dev/null +++ b/components/configs/rbac/overlays/hou-edge/aap-edit-ns-rolebinding.yaml @@ -0,0 +1,12 @@ +kind: RoleBinding +metadata: + name: edit + namespace: aap +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: edit +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: Group + name: aap-admins diff --git a/components/configs/rbac/overlays/hou-edge/kustomization.yaml b/components/configs/rbac/overlays/hou-edge/kustomization.yaml index ffee213..44c2ff0 100644 --- a/components/configs/rbac/overlays/hou-edge/kustomization.yaml +++ b/components/configs/rbac/overlays/hou-edge/kustomization.yaml @@ -5,6 +5,8 @@ bases: - ../../base resources: + - aap-admins-group.yaml + - aap-edit-ns-rolebinding.yaml - adhoc-ops-group.yaml - lab-cluster-admins-group.yaml - lab-cluster-admins-rolebinding.yaml