1apiVersion: v1 2kind: ServiceAccount 3metadata: 4 name: csi-mock 5 6--- 7kind: ClusterRoleBinding 8apiVersion: rbac.authorization.k8s.io/v1 9metadata: 10 name: csi-controller-attacher-role 11subjects: 12 - kind: ServiceAccount 13 name: csi-mock 14 namespace: default 15roleRef: 16 kind: ClusterRole 17 name: external-attacher-runner 18 apiGroup: rbac.authorization.k8s.io 19 20--- 21kind: ClusterRoleBinding 22apiVersion: rbac.authorization.k8s.io/v1 23metadata: 24 name: csi-controller-provisioner-role 25subjects: 26 - kind: ServiceAccount 27 name: csi-mock 28 namespace: default 29roleRef: 30 kind: ClusterRole 31 name: external-provisioner-runner 32 apiGroup: rbac.authorization.k8s.io 33 34--- 35kind: ClusterRoleBinding 36apiVersion: rbac.authorization.k8s.io/v1 37metadata: 38 name: csi-controller-cluster-driver-registrar-role 39subjects: 40 - kind: ServiceAccount 41 name: csi-mock 42 namespace: default 43roleRef: 44 kind: ClusterRole 45 name: cluster-driver-registrar-runner 46 apiGroup: rbac.authorization.k8s.io 47 48--- 49# priviledged Pod Security Policy, previously defined via PrivilegedTestPSPClusterRoleBinding() 50kind: ClusterRoleBinding 51apiVersion: rbac.authorization.k8s.io/v1 52metadata: 53 name: psp-csi-controller-driver-registrar-role 54subjects: 55 - kind: ServiceAccount 56 name: csi-mock 57 namespace: default 58roleRef: 59 kind: ClusterRole 60 name: e2e-test-privileged-psp 61 apiGroup: rbac.authorization.k8s.io 62--- 63kind: ClusterRoleBinding 64apiVersion: rbac.authorization.k8s.io/v1 65metadata: 66 name: csi-controller-resizer-role 67subjects: 68 - kind: ServiceAccount 69 name: csi-mock 70 namespace: default 71roleRef: 72 kind: ClusterRole 73 name: external-resizer-runner 74 apiGroup: rbac.authorization.k8s.io 75--- 76kind: ClusterRoleBinding 77apiVersion: rbac.authorization.k8s.io/v1 78metadata: 79 name: csi-controller-snapshotter-role 80subjects: 81 - kind: ServiceAccount 82 name: csi-mock 83 namespace: default 84roleRef: 85 kind: ClusterRole 86 name: external-snapshotter-runner 87 apiGroup: rbac.authorization.k8s.io