39 lines
1.0 KiB
YAML
39 lines
1.0 KiB
YAML
{{- if .Values.node.serviceAccount.create }}
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: {{ .Values.node.serviceAccount.name }}
|
|
labels:
|
|
app.kubernetes.io/name: {{ include "aws-efs-csi-driver.name" . }}
|
|
{{- with .Values.node.serviceAccount.annotations }}
|
|
annotations:
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
---
|
|
kind: ClusterRole
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
metadata:
|
|
name: efs-csi-node-role
|
|
labels:
|
|
app.kubernetes.io/name: {{ include "aws-efs-csi-driver.name" . }}
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["nodes"]
|
|
verbs: ["get", "list", "watch", "patch"]
|
|
---
|
|
kind: ClusterRoleBinding
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
metadata:
|
|
name: efs-csi-node-binding
|
|
labels:
|
|
app.kubernetes.io/name: {{ include "aws-efs-csi-driver.name" . }}
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: {{ .Values.node.serviceAccount.name }}
|
|
namespace: {{ .Release.Namespace }}
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: efs-csi-node-role
|
|
apiGroup: rbac.authorization.k8s.io
|
|
|