Fix: add policy binding for forgebot K8s auth role
Every K8s auth role needs at least one entry in the policy_auth_map. Add a policy granting the forgebot role read access to the namespace- scoped KV path, which the operator SA needs when authenticating with the forgebot role instead of the default role.
This commit is contained in:
@@ -0,0 +1,9 @@
|
|||||||
|
---
|
||||||
|
rules:
|
||||||
|
- path: "kv/data/kubernetes/namespace/forgebot/*"
|
||||||
|
capabilities:
|
||||||
|
- read
|
||||||
|
|
||||||
|
auth:
|
||||||
|
k8s/au/syd1:
|
||||||
|
- forgebot
|
||||||
Reference in New Issue
Block a user