Giving Container Runner Access to Additional Namespaces
To allow the task-agent
pods (the pods container-agent
uses to spin up to run your jobs) you will need to create a RoleBinding
for each namespace you wish to give access to the task-agent
pod.
Additional Resources
- Stack Overflow: How to provide access to a service account to read pods in multiple namespaces?
- GKE Docs: Authorize actions in clusters using role-based access control
- This example could be specific to GKE but does have great resources for
rules.apiGroup
- This example could be specific to GKE but does have great resources for
Comments
Article is closed for comments.