From 023ac5ecf5936ad4caae0aee316da27fd673c12b Mon Sep 17 00:00:00 2001 From: Shuting Zhao Date: Wed, 4 Mar 2020 16:04:02 -0800 Subject: [PATCH] rename to kyverno:policyviolations --- definitions/install.yaml | 2 +- documentation/installation.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/definitions/install.yaml b/definitions/install.yaml index e47bcc12dc..8584bd4ad3 100644 --- a/definitions/install.yaml +++ b/definitions/install.yaml @@ -472,7 +472,7 @@ metadata: apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: - name: policyviolation + name: kyverno:policyviolations rules: - apiGroups: ["kyverno.io"] resources: diff --git a/documentation/installation.md b/documentation/installation.md index 1e59e13a5c..0bac6466b5 100644 --- a/documentation/installation.md +++ b/documentation/installation.md @@ -168,7 +168,7 @@ Here is a script that generates a self-signed CA, a TLS certificate-key pair, an # Configure a namespace admin to access policy violations -During Kyverno installation, it creates a ClusterRole `policyviolation` which has the `list,get,watch` operation on resource `policyviolations`. To grant access to a namespace admin, configure the following YAML file then apply to the cluster. +During Kyverno installation, it creates a ClusterRole `kyverno:policyviolations` which has the `list,get,watch` operation on resource `policyviolations`. To grant access to a namespace admin, configure the following YAML file then apply to the cluster. - Replace `metadata.namespace` with namespace of the admin - Configure `subjects` field to bind admin's role to the ClusterRole `policyviolation`