Fix: add policy binding for forgebot K8s auth role
Every K8s auth role needs at least one entry in the policy_auth_map. Add a policy granting the forgebot role read access to the namespace- scoped KV path, which the operator SA needs when authenticating with the forgebot role instead of the default role.
This commit is contained in:
@@ -0,0 +1,9 @@
|
||||
---
|
||||
rules:
|
||||
- path: "kv/data/kubernetes/namespace/forgebot/*"
|
||||
capabilities:
|
||||
- read
|
||||
|
||||
auth:
|
||||
k8s/au/syd1:
|
||||
- forgebot
|
||||
Reference in New Issue
Block a user