diff options
author | Staffan Olsson <staffan@repos.se> | 2017-08-05 05:53:02 +0200 |
---|---|---|
committer | Staffan Olsson <staffan@repos.se> | 2017-08-05 05:53:08 +0200 |
commit | 35974266ae938856f3a254b12308b1a99e67e5e7 (patch) | |
tree | 29536f890adc2b4c9ea889f2d987bfb5fc06f21e | |
parent | a8ee55bb48a4915b2f119b0f409e7e714d9faf55 (diff) | |
download | kubernetes-kafka-35974266ae938856f3a254b12308b1a99e67e5e7.tar.gz kubernetes-kafka-35974266ae938856f3a254b12308b1a99e67e5e7.tar.bz2 kubernetes-kafka-35974266ae938856f3a254b12308b1a99e67e5e7.zip |
Got the feeling from kubectl get clusterrole ...
that having access control rules, in particular cluster scoped,
lying around without knowing where they come from
will be unmaintainable over time. Labels show up nicely in describe.
-rw-r--r-- | rbac-namespace-default/events-watcher.yml | 4 | ||||
-rw-r--r-- | rbac-namespace-default/node-reader.yml | 4 |
2 files changed, 8 insertions, 0 deletions
diff --git a/rbac-namespace-default/events-watcher.yml b/rbac-namespace-default/events-watcher.yml index 6194e84..3b2e76d 100644 --- a/rbac-namespace-default/events-watcher.yml +++ b/rbac-namespace-default/events-watcher.yml @@ -4,6 +4,8 @@ kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: events-watcher + labels: + origin: github.com_Yolean_kubernetes-kafka rules: - apiGroups: - "" @@ -16,6 +18,8 @@ kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: kafka-events-watcher + labels: + origin: github.com_Yolean_kubernetes-kafka roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/rbac-namespace-default/node-reader.yml b/rbac-namespace-default/node-reader.yml index 3a133a8..0454579 100644 --- a/rbac-namespace-default/node-reader.yml +++ b/rbac-namespace-default/node-reader.yml @@ -4,6 +4,8 @@ kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: node-reader + labels: + origin: github.com_Yolean_kubernetes-kafka rules: - apiGroups: - "" @@ -16,6 +18,8 @@ kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: kafka-node-reader + labels: + origin: github.com_Yolean_kubernetes-kafka roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole |