Can someone please help on how create a new sa in the existing namespace, but which must not have access to any secrets?
Create SA then create a role and rolebinding to deny access to secrets.
newly created sa’s don’t have access to secrets
also look into `
@Sathish Puranik you can’t create deny rules with RBAC
Deny I mean you can just attach rolebinding with restrict to list pods or some sort access without secret access.
you cannot do restictions in RBAC rules