From f626a7764513fd85bdf721be766646312fd848b1 Mon Sep 17 00:00:00 2001
From: Staffan Olsson <staffan@repos.se>
Date: Sat, 5 Aug 2017 06:24:38 +0200
Subject: Adds RBAC policy for curl, default service account

---
 rbac-namespace-default/events-watcher.yml | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 rbac-namespace-default/events-watcher.yml

diff --git a/rbac-namespace-default/events-watcher.yml b/rbac-namespace-default/events-watcher.yml
new file mode 100644
index 0000000..c8384b6
--- /dev/null
+++ b/rbac-namespace-default/events-watcher.yml
@@ -0,0 +1,30 @@
+# If events-kube-kafka-* goes crashlooping you probably need this
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: events-watcher
+  labels:
+    origin: github.com_Yolean_kubernetes-kafka
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - watch
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: kafka-events-watcher
+  labels:
+    origin: github.com_Yolean_kubernetes-kafka
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: events-watcher
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: kafka
-- 
cgit v1.2.3