During demo we got questions regarding the security model adopted in Service-Binding-Operator. Therefore, we would like to evaluate RBAC settings and reflect upon real use-case scenarios where we possibly want to be more restrictive.

One of the options we could explore is to re-use current user service-account, instead of having a dedicated cluster wide.

Acceptance Criteria

• What would be the minimum set of permissions?
• Evaluation of current settings and applicable PR where changes apply;