Role
and RoleBinding
pair can be used to grant permissions known to be sufficient to cover both installation and regular operation. Replace <SERVICEACCOUNT>
and <NAMESPACE>
with their appropriate values:
Recent versions of OpenShift no longer allow granting direct access to the
anyuid
Security Context Constraint (SCC), or any other default SCC. Instead, access grants are defined within the role. Below is an example configuration for the anyuid
SCC:ClusterRole
and ClusterRoleBinding
pair that has been demonstrated to
grant the ingress controller sufficient permissions to run without
warnings: