| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 |
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- name: gce:beta:kubelet-certificate-bootstrap
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: gce:beta:kubelet-certificate-bootstrap
- subjects:
- - apiGroup: rbac.authorization.k8s.io
- kind: User
- name: kubelet
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- name: gce:beta:kubelet-certificate-rotation
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: gce:beta:kubelet-certificate-rotation
- subjects:
- - apiGroup: rbac.authorization.k8s.io
- kind: Group
- name: system:nodes
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRole
- metadata:
- name: gce:beta:kubelet-certificate-bootstrap
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
- rules:
- - apiGroups:
- - "certificates.k8s.io"
- resources:
- - certificatesigningrequests/nodeclient
- verbs:
- - "create"
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRole
- metadata:
- name: gce:beta:kubelet-certificate-rotation
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
- rules:
- - apiGroups:
- - "certificates.k8s.io"
- resources:
- - certificatesigningrequests/selfnodeclient
- - certificatesigningrequests/selfnodeserver
- verbs:
- - "create"
|
