From c4eb721b0396fb5dbc95f2bc8a02f5732384b192 Mon Sep 17 00:00:00 2001
From: Shuting Zhao <shutting06@gmail.com>
Date: Fri, 10 Jan 2020 12:39:26 -0800
Subject: [PATCH] move definitions/rolebindings.yaml to installatino.md

---
 definitions/rolebinding.yaml  | 21 ---------------------
 documentation/installation.md | 26 ++++++++++++++++++++++++--
 2 files changed, 24 insertions(+), 23 deletions(-)
 delete mode 100644 definitions/rolebinding.yaml

diff --git a/definitions/rolebinding.yaml b/definitions/rolebinding.yaml
deleted file mode 100644
index b8240c0014..0000000000
--- a/definitions/rolebinding.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: RoleBinding
-metadata:
-  name: policyviolation
-  # change namespace below to create rolebinding for the namespace admin
-  namespace: default
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: policyviolation
-subjects:
-# configure below to access policy violation for the namespace admin
-- kind: ServiceAccount
-  name: default
-  namespace: default
-# - apiGroup: rbac.authorization.k8s.io
-#   kind: User
-#   name: 
-# - apiGroup: rbac.authorization.k8s.io
-#   kind: Group
-#   name: 
\ No newline at end of file
diff --git a/documentation/installation.md b/documentation/installation.md
index 9c470afca4..082823e336 100644
--- a/documentation/installation.md
+++ b/documentation/installation.md
@@ -114,12 +114,34 @@ Here is a script that generates a self-signed CA, a TLS certificate-key pair, an
 
 # Configure a namespace admin to access policy violations
 
-During Kyverno installation, it creates a ClusterRole `policyviolation` which has the `list,get,watch` operation on resource `policyviolations`. To grant access to a namespace admin, configure [definitions/rolebinding.yaml](../definitions/rolebinding.yaml) then apply to the cluster.
+During Kyverno installation, it creates a ClusterRole `policyviolation` which has the `list,get,watch` operation on resource `policyviolations`. To grant access to a namespace admin, configure the following YAML file then apply to the cluster.
 
 - Replace `metadata.namespace` with namespace of the admin
 - Configure `subjects` field to bind admin's role to the ClusterRole `policyviolation`
 
-
+````yaml
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: RoleBinding
+metadata:
+  name: policyviolation
+  # change namespace below to create rolebinding for the namespace admin
+  namespace: default
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: policyviolation
+subjects:
+# configure below to access policy violation for the namespace admin
+- kind: ServiceAccount
+  name: default
+  namespace: default
+# - apiGroup: rbac.authorization.k8s.io
+#   kind: User
+#   name: 
+# - apiGroup: rbac.authorization.k8s.io
+#   kind: Group
+#   name: 
+````
 # Installing outside of the cluster (debug mode)
 
 To build Kyverno in a development environment see: https://github.com/nirmata/kyverno/wiki/Building