Files
apps
infrastructure
argocd
argo-apps.application.yaml
argocd-cmd-params.configmap.yaml
argocd-oauth.configmap.yaml
argocd-oauth.sealedsecret.yaml
argocd-rbac.configmap.yaml
argocd.configmap.yaml
bootstrap-repo.sealedsecret.yaml
ingress.yaml
known-hosts.configmap.yaml
kustomization.yaml
namespace.yaml
servicemonitor.yaml
authelia
backup
external
external-dns
gitea
metallb-system
monitoring
nfs-provisioner
pg-ha
renovate
sealedsecrets
traefik-system
kluster-deployments
.gitignore
README.md
renovate.json
k3s-infra/infrastructure/argocd/argocd-rbac.configmap.yaml
2024-12-01 16:19:16 +01:00

12 lines
307 B
YAML

apiVersion: v1
kind: ConfigMap
metadata:
name: argocd-rbac-cm
data:
policy.csv: |
# use oidc group apps_admin as admin group in argocd
g, apps_admin, role:admin
g, argocd, role:readonly
# all other user that might have entered via oidc, are blocked: deny everything
policy.default: deny