novelapp: grant vabbit81 (Gheorghe) admin RBAC on novelapp namespace

2026-03-26 17:34:48 +02:00 · 2026-03-26 17:34:48 +02:00 · 1ec480e5fa
commit 1ec480e5fa
parent 2dc27ca128
1 changed files with 18 additions and 0 deletions
--- a/stacks/novelapp/main.tf
+++ b/stacks/novelapp/main.tf
@ -216,6 +216,24 @@ module "ingress" {
  }
 }

+# RBAC — grant vabbit81 (Gheorghe) admin access to novelapp namespace
+resource "kubernetes_role_binding" "novelapp_owner_vabbit81" {
+  metadata {
+    name      = "novelapp-owner-vabbit81"
+    namespace = kubernetes_namespace.novelapp.metadata[0].name
+  }
+  role_ref {
+    api_group = "rbac.authorization.k8s.io"
+    kind      = "ClusterRole"
+    name      = "admin"
+  }
+  subject {
+    api_group = "rbac.authorization.k8s.io"
+    kind      = "User"
+    name      = "vabbit81@gmail.com"
+  }
+}
+
 # Sealed Secrets — encrypted secrets safe to commit to git
 resource "kubernetes_manifest" "sealed_secrets" {
  for_each = fileset(path.module, "sealed-*.yaml")