From 44a0fbcf14ce31eadb8cce59baf08b8ad9a40752 Mon Sep 17 00:00:00 2001
From: Jani Poikela <poppis.poikela@gmail.com>
Date: Tue, 27 Apr 2021 11:30:44 +0300
Subject: [PATCH 1/2] add serviceAccountName

---
 kubewatch.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/kubewatch.yaml b/kubewatch.yaml
index 19b18398f..e21922643 100644
--- a/kubewatch.yaml
+++ b/kubewatch.yaml
@@ -4,6 +4,7 @@ metadata:
   name: kubewatch
   namespace: default
 spec:
+  serviceAccountName: kubewatch
   containers:
   - image: bitnami/kubewatch #using this image, its more stable and active
     imagePullPolicy: Always
@@ -15,4 +16,4 @@ spec:
   volumes:
   - name: config-volume
     configMap:
-      name: kubewatch
\ No newline at end of file
+      name: kubewatch

From 0d9fa7fbfd96f10f07ab76245bbd41f8a0e68a67 Mon Sep 17 00:00:00 2001
From: Jani Poikela <poppis.poikela@gmail.com>
Date: Tue, 27 Apr 2021 11:45:17 +0300
Subject: [PATCH 2/2] update rules

add apps apiGroup
add namespaces and deployments resources
---
 kubewatch-service-account.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/kubewatch-service-account.yaml b/kubewatch-service-account.yaml
index b3721f2eb..320621f72 100644
--- a/kubewatch-service-account.yaml
+++ b/kubewatch-service-account.yaml
@@ -4,8 +4,8 @@ apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   name: kubewatch
 rules:
-- apiGroups: [""]
-  resources: ["pods", "replicationcontrollers"]
+- apiGroups: ["", apps]
+  resources: ["pods", "namespaces", "deployments", "replicationcontrollers"]
   verbs: ["get", "watch", "list"]
 ---
 apiVersion: v1