Inside the file values.yaml of the OPA chart I must activate RBAC using the following section :
# NOTE IF you use these, remember to update the RBAC rules below to allow
# permissions to get, list, watch, patch and update configmaps
enabled: false
namespaces: [opa, kube-federation-scheduling-policy]
requireLabel: true
replicate:
# NOTE IF you use these, remember to update the RBAC rules below to allow
# permissions to replicate these things
cluster: []
# - [group/]version/resource
namespace: []
# - [group/]version/resource
path: kubernetes
As stated above I must add the verbs: get, list, watch, patch and update to the kind configmap.
Unfortunatly I've got no idear how to make them fit the yaml...
I don't understand the following syntaxe :
cluster: []
# - [group/]version/resource
namespace: []
# - [group/]version/resource
path: kubernetes
But I guess that the verbs fit in there somehow...
I would add following stanza in the values.yaml file
rbac:
# If true, create & use RBAC resources
#
create: true
rules:
cluster:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- patch
- update