Uploaded image for project: 'OpenShift Service Mesh'
  1. OpenShift Service Mesh
  2. OSSM-5921

Create istio-reader-clusterrole and istio-reader-service-account when cluster-wide and multi-cluster modes are enabled

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Normal Normal
    • OSSM 2.5.3
    • None
    • Maistra
    • None

      Currently, Istio Operator removes istio-reader-clusterrole and the related role binding, so users who deploy multi-cluster can't grant proper privileges for a remote control plane.

      Acceptance criteria:
      When a user deploys multi-cluster SMCP, Istio Operator creates:
      1) ServiceAccount istio-reader-service-account.
      2) ClusterRole istio-reader-clusterrole-<smcp-name>.
      3) ClusterRoleBinding istio-reader-clusterrole-<smcp-name>.

              rh-ee-dedoyle Dean Doyle (Inactive)
              jewertow@redhat.com Jacek Ewertowski
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: