# # Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # --- kind: ServiceAccount apiVersion: v1 metadata: name: openshift-acme namespace: default labels: app: openshift-acme --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: openshift-acme labels: app: openshift-acme rules: - apiGroups: - "route.openshift.io" resources: - routes verbs: - create - get - list - watch - update - patch - delete - deletecollection - apiGroups: - "route.openshift.io" resources: - routes/custom-host verbs: - create - apiGroups: - "" resources: - configmaps - services - secrets verbs: - create - get - list - watch - update - patch - delete - apiGroups: - "" resources: - events verbs: - create - update - patch - apiGroups: - "" resources: - limitranges verbs: - get - list - watch - apiGroups: - "apps" resources: - replicasets verbs: - create - get - list - watch - update - patch - delete --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: openshift-acme-crb namespace: default labels: app: openshift-acme-crb subjects: - kind: ServiceAccount name: openshift-acme namespace: default roleRef: kind: ClusterRole name: openshift-acme apiGroup: rbac.authorization.k8s.io