| 12345678910111213141516171819202122232425 |
- apiVersion: rbac.authorization.k8s.io/v1
- kind: RoleBinding
- metadata:
- name: gce:podsecuritypolicy:nodes
- namespace: kube-system
- annotations:
- kubernetes.io/description: 'Allow nodes to create privileged pods. Should
- be used in combination with the NodeRestriction admission plugin to limit
- nodes to mirror pods bound to themselves.'
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
- kubernetes.io/cluster-service: 'true'
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: gce:podsecuritypolicy:privileged
- subjects:
- - kind: Group
- apiGroup: rbac.authorization.k8s.io
- name: system:nodes
- - kind: User
- apiGroup: rbac.authorization.k8s.io
- # Legacy node ID
- name: kubelet
|
