From 33b8896b5d304170033507c1a356599640f0346a Mon Sep 17 00:00:00 2001
From: David Arnold <dar@xoe.solutions>
Date: Mon, 26 Oct 2020 21:50:34 -0500
Subject: [PATCH] To access nodes ClusterRole is required

---
 live-demo/k8s/00-rbac.yaml | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/live-demo/k8s/00-rbac.yaml b/live-demo/k8s/00-rbac.yaml
index b8f01e5..6030780 100644
--- a/live-demo/k8s/00-rbac.yaml
+++ b/live-demo/k8s/00-rbac.yaml
@@ -1,8 +1,7 @@
-kind: Role
+kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: voip-manager
-  namespace: voip
 rules:
   - apiGroups: [""] # "" indicates the core API group
     resources: ["pods","endpoints","services","nodes"]
@@ -13,16 +12,15 @@ rules:
 
 ---
 
-kind: RoleBinding
+kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: manager
-  namespace: voip
 subjects:
   - kind: User
     name: system:serviceaccount:voip:default
     apiGroup: rbac.authorization.k8s.io
 roleRef:
-  kind: Role
+  kind: ClusterRole
   name: voip-manager
   apiGroup: rbac.authorization.k8s.io