| 123456789101112131415161718192021 |
- apiVersion: rbac.authorization.k8s.io/v1
- # The persistent volume binder creates recycler pods in the default namespace,
- # but the addon manager only creates namespaced objects in the kube-system
- # namespace, so this is a ClusterRole.
- kind: ClusterRole
- metadata:
- name: gce:podsecuritypolicy:persistent-volume-binder
- namespace: default
- labels:
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- rules:
- - apiGroups:
- - policy
- resourceNames:
- - gce.persistent-volume-binder
- resources:
- - podsecuritypolicies
- verbs:
- - use
|
