kyverno/config/k8s-resource/clusterrolebindings.yaml

---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    app: kyverno
  name: kyverno:policies
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kyverno:policies
subjects:
- kind: ServiceAccount
  name: kyverno-service-account
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    app: kyverno
  name: kyverno:view
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kyverno:view
subjects:
- kind: ServiceAccount
  name: kyverno-service-account
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    app: kyverno
  name: kyverno:generate
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kyverno:generate
subjects:
- kind: ServiceAccount
  name: kyverno-service-account
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    app: kyverno
  name: kyverno:events
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kyverno:events
subjects:
- kind: ServiceAccount
  name: kyverno-service-account
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    app: kyverno
  name: kyverno:userinfo
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kyverno:userinfo
subjects:
- kind: ServiceAccount
  name: kyverno-service-account
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    app: kyverno
  name: kyverno:webhook
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kyverno:webhook
subjects:
- kind: ServiceAccount
  name: kyverno-service-account