# Tenant namespace that scopes every other object in this manifest
# (ServiceAccount, Role, RoleBinding). It is the only cluster-scoped object here.
apiVersion: v1
kind: Namespace
metadata:
  name: tenant-a
---
# Identity under test. Within this manifest it is the subject of exactly one
# RoleBinding (attacker-policy-author below), so its effective permissions are
# those of the policy-author Role and nothing else. The name is a fixture label
# only; it carries no meaning to the API server.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: attacker
  namespace: tenant-a
---
# Namespaced Role: ONLY create/update (and get/list/watch to inspect own objects)
# on AdmissionPolicy and AdmissionPolicyGroup. Deliberately NO cluster-admin,
# NO delete, NO patch, NO access to other resources. This is the load-bearing
# privilege boundary.
#
# Caveat for anyone exercising this Role: `kubectl apply` against an object that
# already exists issues a PATCH, which is not granted here; use create/replace
# (PUT) instead. Because this is a Role rather than a ClusterRole, it can only
# ever reach namespaced resources inside tenant-a.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: policy-author
  namespace: tenant-a
rules:
  # Kubewarden policy API group only; no core ("") group, no rbac group.
  - apiGroups: ["policies.kubewarden.io"]
    # Namespaced policy kinds only. Cluster-scoped policy kinds cannot be
    # granted by a Role even if listed, so they are intentionally absent.
    resources: ["admissionpolicies", "admissionpolicygroups"]
    # Write verbs are limited to create/update; delete, patch and
    # deletecollection are withheld so the holder cannot remove or
    # server-side-patch existing policies.
    verbs: ["create", "update", "get", "list", "watch"]
---
# Binds the policy-author Role to the attacker ServiceAccount. Both the binding
# and its roleRef are namespaced to tenant-a, so the grant cannot extend outside
# that namespace. roleRef.kind is Role (not ClusterRole); roleRef is immutable
# after creation, so widening this grant requires deleting and recreating the
# binding, which makes such a change visible in audit logs.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: attacker-policy-author
  namespace: tenant-a
subjects:
  # Single subject; no groups or users are bound.
  - kind: ServiceAccount
    name: attacker
    namespace: tenant-a
roleRef:
  kind: Role
  name: policy-author
  apiGroup: rbac.authorization.k8s.io
