Merge pull request 'chore: add rancher role' (#44 ) from benvin/rancher_role into master

Reviewed-on: #44
chore: add rancher role
2026-01-30 19:46:19 +11:00 · 2026-01-30 19:43:06 +11:00
2 changed files with 16 additions and 0 deletions
--- a/config/auth_kubernetes_role/k8s/au/syd1/rancher.yaml
+++ b/config/auth_kubernetes_role/k8s/au/syd1/rancher.yaml
@ -0,0 +1,6 @@
+bound_service_account_names:
+  - rancher
+bound_service_account_namespaces:
+  - default
+token_ttl: 60
+audience: vault
--- a/policies/kv/service/kubernetes/au/syd1/rancher/bootstrap-password/read.yaml
+++ b/policies/kv/service/kubernetes/au/syd1/rancher/bootstrap-password/read.yaml
@ -0,0 +1,10 @@
+# Allow reading ExternalDNS TSIG keys
+---
+rules:
+  - path: "kv/data/service/kubernetes/au/syd1/rancher/bootstrap-password"
+    capabilities:
+      - read
+
+auth:
+  k8s/au/syd1:
+    - rancher
Author	SHA1	Message	Date
Ben Vincent	9d54b4cfcc	Merge pull request 'chore: add rancher role' (#44 ) from benvin/rancher_role into master Reviewed-on: #44	2026-01-30 19:46:19 +11:00
Ben Vincent	33af7010fb	chore: add rancher role - add kubernetes role for rancher - add policy to enable access to bootstrap-password	2026-01-30 19:43:06 +11:00