Skip to content

Commit 9695ec2

Browse files
IshaanDesai45IshaanDesai45
committed
enhancing formatting
1 parent f8e273c commit 9695ec2

File tree

1 file changed

+67
-69
lines changed

1 file changed

+67
-69
lines changed

config/samples/sidb/openshift_rbac.yaml

Lines changed: 67 additions & 69 deletions
Original file line numberDiff line numberDiff line change
@@ -4,55 +4,53 @@
44
#
55
---
66
# Create a Security Context Contraint
7-
8-
kind: SecurityContextConstraints
9-
apiVersion: security.openshift.io/v1
10-
metadata:
11-
name: sidb-oracle-user-scc
12-
allowPrivilegedContainer: false
13-
allowedCapabilities:
14-
- SYS_NICE
15-
runAsUser:
16-
type: MustRunAs
17-
uid: 54321
18-
seLinuxContext:
19-
type: RunAsAny
20-
fsGroup:
21-
type: MustRunAs
22-
ranges:
23-
- min: 54321
24-
max: 54321
25-
supplementalGroups:
7+
kind: SecurityContextConstraints
8+
apiVersion: security.openshift.io/v1
9+
metadata:
10+
name: sidb-oracle-user-scc
11+
allowPrivilegedContainer: false
12+
allowedCapabilities:
13+
- SYS_NICE
14+
runAsUser:
15+
type: MustRunAs
16+
uid: 54321
17+
seLinuxContext:
18+
type: RunAsAny
19+
fsGroup:
20+
type: MustRunAs
21+
ranges:
22+
- min: 54321
23+
max: 54321
24+
supplementalGroups:
2625
type: MustRunAs
2726
ranges:
2827
- min: 54321
2928
max: 54321
3029
---
3130
# Create a Security Context Contraint
32-
33-
kind: SecurityContextConstraints
34-
apiVersion: security.openshift.io/v1
35-
metadata:
36-
name: sidb-oracle-root-user-scc
37-
allowPrivilegedContainer: false
38-
allowedCapabilities:
39-
- SYS_NICE
40-
runAsUser:
41-
type: MustRunAsRange
42-
uidRangeMin: 0
43-
uidRangeMax: 54321
44-
seLinuxContext:
45-
type: RunAsAny
46-
fsGroup:
47-
type: MustRunAs
48-
ranges:
49-
- min: 0
50-
max: 54321
51-
supplementalGroups:
52-
type: MustRunAs
53-
ranges:
54-
- min: 0
55-
max: 54321
31+
kind: SecurityContextConstraints
32+
apiVersion: security.openshift.io/v1
33+
metadata:
34+
name: sidb-oracle-root-user-scc
35+
allowPrivilegedContainer: false
36+
allowedCapabilities:
37+
- SYS_NICE
38+
runAsUser:
39+
type: MustRunAsRange
40+
uidRangeMin: 0
41+
uidRangeMax: 54321
42+
seLinuxContext:
43+
type: RunAsAny
44+
fsGroup:
45+
type: MustRunAs
46+
ranges:
47+
- min: 0
48+
max: 54321
49+
supplementalGroups:
50+
type: MustRunAs
51+
ranges:
52+
- min: 0
53+
max: 5432
5654
---
5755
apiVersion: v1
5856
kind: ServiceAccount
@@ -61,33 +59,33 @@ metadata:
6159
namespace: sidb-ns
6260

6361
---
64-
kind: Role
65-
apiVersion: rbac.authorization.k8s.io/v1
66-
metadata:
67-
name: use-sidb-scc
68-
namespace: sidb-ns
69-
rules:
70-
- verbs:
71-
- use
72-
apiGroups:
73-
- security.openshift.io
62+
kind: Role
63+
apiVersion: rbac.authorization.k8s.io/v1
64+
metadata:
65+
name: use-sidb-scc
66+
namespace: sidb-ns
67+
rules:
68+
- apiGroups:
69+
- security.openshift.io
70+
verbs:
71+
- use
7472
resources:
75-
- securitycontextconstraints
73+
- securitycontextconstraints
7674
resourceNames:
77-
- oracle-user-scc
78-
- oracle-root-scc
75+
- sidb-oracle-user-scc
76+
- sidb-oracle-root-scc
7977

8078
---
81-
kind: RoleBinding
82-
apiVersion: rbac.authorization.k8s.io/v1
83-
metadata:
84-
name: use-sidb-scc
85-
namespace: sidb-ns
86-
subjects:
87-
- kind: ServiceAccount
88-
name: sidb-sa
89-
namespace: sidb-ns
90-
roleRef:
91-
kind: Role
92-
name: use-sidb-scc
93-
apiGroup: rbac.authorization.k8s.io
79+
kind: RoleBinding
80+
apiVersion: rbac.authorization.k8s.io/v1
81+
metadata:
82+
name: use-sidb-scc
83+
namespace: sidb-ns
84+
subjects:
85+
- kind: ServiceAccount
86+
name: sidb-sa
87+
namespace: sidb-ns
88+
roleRef:
89+
kind: Role
90+
name: use-sidb-scc
91+
apiGroup: rbac.authorization.k8s.io

0 commit comments

Comments
 (0)