syifa
/
datasiswa-gitops
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

updated rbac base k8s no namespace

This commit is contained in:
syifa 2025-11-19 02:19:43 +00:00
parent 75ce77e892
commit c8cb24900f
1 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
k8s/rbac.yaml
View File

@ -5,13 +5,13 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: frontend-sa-syifa name: frontend-sa-syifa
namespace: intern-workspace #namespace: intern-workspace
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
name: frontend-role-syifa name: frontend-role-syifa
namespace: intern-workspace #namespace: intern-workspace
rules: rules:
# Frontend boleh baca Service (buat resolve endpoint backend) # Frontend boleh baca Service (buat resolve endpoint backend)
- apiGroups: [""] - apiGroups: [""]
@ -22,11 +22,11 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
name: frontend-rolebinding-syifa name: frontend-rolebinding-syifa
namespace: intern-workspace #namespace: intern-workspace
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: frontend-sa-syifa name: frontend-sa-syifa
namespace: intern-workspace #namespace: intern-workspace
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
kind: Role kind: Role
@ -40,13 +40,13 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: backend-sa-syifa name: backend-sa-syifa
namespace: intern-workspace #namespace: intern-workspace
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
name: backend-role-syifa name: backend-role-syifa
namespace: intern-workspace #namespace: intern-workspace
rules: rules:
# Backend boleh baca ConfigMap dan Secret (buat env) # Backend boleh baca ConfigMap dan Secret (buat env)
- apiGroups: [""] - apiGroups: [""]
@ -61,11 +61,11 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
name: backend-rolebinding-syifa name: backend-rolebinding-syifa
namespace: intern-workspace #namespace: intern-workspace
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: backend-sa-syifa name: backend-sa-syifa
namespace: intern-workspace #namespace: intern-workspace
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
kind: Role kind: Role
@ -79,13 +79,13 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: mysql-sa-syifa name: mysql-sa-syifa
namespace: intern-workspace #namespace: intern-workspace
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role
metadata: metadata:
name: mysql-role-syifa name: mysql-role-syifa
namespace: intern-workspace #namespace: intern-workspace
rules: rules:
- apiGroups: [""] - apiGroups: [""]
resources: ["configmaps", "secrets"] resources: ["configmaps", "secrets"]
@ -95,11 +95,11 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
name: mysql-rolebinding-syifa name: mysql-rolebinding-syifa
namespace: intern-workspace #namespace: intern-workspace
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: mysql-sa-syifa name: mysql-sa-syifa
namespace: intern-workspace #namespace: intern-workspace
roleRef: roleRef:
apiGroup: rbac.authorization.k8s.io apiGroup: rbac.authorization.k8s.io
kind: Role kind: Role