65f844cbe1
Every K8s auth role needs at least one entry in the policy_auth_map. Add a policy granting the forgebot role read access to the namespace- scoped KV path, which the operator SA needs when authenticating with the forgebot role instead of the default role.
10 lines
131 B
YAML
10 lines
131 B
YAML
---
|
|
rules:
|
|
- path: "kv/data/kubernetes/namespace/forgebot/*"
|
|
capabilities:
|
|
- read
|
|
|
|
auth:
|
|
k8s/au/syd1:
|
|
- forgebot
|