I would like to restrict access of the CNPG to a list of namespaces while minimizing cluster wide permissions. The aim is to follow the principle of least priviledge.
Currently, it is only possible to get cluster wide RBAC and limit the namespaces using the WATCH_NAMESPACE variable, or get single nsmespace RBACs. It would be nice to have the choice between cluster wide, multi namespace and single namespace.
I would like to restrict access of the CNPG to a list of namespaces while minimizing cluster wide permissions. The aim is to follow the principle of least priviledge.
Currently, it is only possible to get cluster wide RBAC and limit the namespaces using the
WATCH_NAMESPACEvariable, or get single nsmespace RBACs. It would be nice to have the choice between cluster wide, multi namespace and single namespace.