| 123456789101112131415161718 |
- apiVersion: rbac.authorization.k8s.io/v1
- kind: RoleBinding
- metadata:
- name: gce:podsecuritypolicy:unprivileged-addon
- namespace: kube-system
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
- kubernetes.io/cluster-service: "true"
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: gce:podsecuritypolicy:unprivileged-addon
- subjects:
- - kind: Group
- # All service accounts in the kube-system namespace are allowed to use this.
- name: system:serviceaccounts:kube-system
- apiGroup: rbac.authorization.k8s.io
|
