| apiVersion: v1 |
| kind: ServiceAccount |
| metadata: |
| name: csi-controller-sa |
| |
| --- |
| kind: ClusterRoleBinding |
| apiVersion: rbac.authorization.k8s.io/v1 |
| metadata: |
| name: csi-controller-attacher-role |
| subjects: |
| - kind: ServiceAccount |
| name: csi-controller-sa |
| namespace: default |
| roleRef: |
| kind: ClusterRole |
| name: external-attacher-runner |
| apiGroup: rbac.authorization.k8s.io |
| |
| --- |
| kind: RoleBinding |
| apiVersion: rbac.authorization.k8s.io/v1 |
| metadata: |
| name: csi-controller-attacher-role-cfg |
| namespace: default |
| subjects: |
| - kind: ServiceAccount |
| name: csi-controller-sa |
| namespace: default |
| roleRef: |
| kind: Role |
| name: external-attacher-cfg |
| |
| --- |
| kind: ClusterRoleBinding |
| apiVersion: rbac.authorization.k8s.io/v1 |
| metadata: |
| name: csi-controller-provisioner-role |
| subjects: |
| - kind: ServiceAccount |
| name: csi-controller-sa |
| namespace: default |
| roleRef: |
| kind: ClusterRole |
| name: external-provisioner-runner |
| apiGroup: rbac.authorization.k8s.io |
| |
| --- |
| kind: RoleBinding |
| apiVersion: rbac.authorization.k8s.io/v1 |
| metadata: |
| name: csi-controller-provisioner-role-cfg |
| namespace: default |
| subjects: |
| - kind: ServiceAccount |
| name: csi-controller-sa |
| namespace: default |
| roleRef: |
| kind: Role |
| name: external-provisioner-cfg |
| |
| --- |
| # priviledged Pod Security Policy, previously defined via PrivilegedTestPSPClusterRoleBinding() |
| kind: ClusterRoleBinding |
| apiVersion: rbac.authorization.k8s.io/v1 |
| metadata: |
| name: psp-csi-controller-driver-registrar-role |
| subjects: |
| - kind: ServiceAccount |
| name: csi-controller-sa |
| namespace: default |
| - kind: ServiceAccount |
| name: csi-node-sa |
| namespace: default |
| roleRef: |
| kind: ClusterRole |
| name: e2e-test-privileged-psp |
| apiGroup: rbac.authorization.k8s.io |