Livebook as K8s Cluster Admin

Because I like experimenting with Kubernetes from Elixir Livebook, I made the service account into a cluster admin.

Warning: The following grants cluster-admin privileges to anyone using your Livebook instance. That’s probably a bad idea.

danger/cluster-admin.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: livebook:default:cluster-admin
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: default
  namespace: livebook

I’m going to repeat the warning above: This grants cluster-admin privileges to anyone using your Livebook instance. That’s probably a bad idea.