K
Q

how to pass a namespace to a subject in a rolebinding in kubernetes

3/15/2021

I have the following manifest:

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: my-psp-rb
roleRef:
  kind: Role
  name: psp-role
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: Group
  name: system:serviceaccounts:${NAMESPACE}

I would like to deploy this manifest as follows: kubectl apply -f psp-rb.yaml -n some_namespace in a way that the name in the subject is dynamically set. I know that ${NAMESPACE} is not allowed, so I am looking for a way on how to do this. I looked into this but I am not a huge fan of installing dependencies only for passing variables to a manifest (plus I agree variables shouldn't be used in this context). Maybe there is a kubernetesy way to do this?

-- Simon Ernesto Cardenas Zarate
kubernetes
rbac

Similar Questions

Kubernetes: kube-scheduler is not correctly scoring nodes for pod assignment
K8S Fabric8 API + deploy, pod and service in one go?
Elasticseach cluster won't elect new master after losing the previous ones on ECK
Kubernetes: Kafka pod shutdown after server stops
What is relationship betweeen Node and Namespaces in kubernetes?

1 Answer

3/16/2021

Copying down from comments and confirming, this is not a thing kubectl supports. It's very simple :)

-- coderanger
Source: StackOverflow