config.allowedNamespaces
field on the helm chart allows you to configure a list of allowed namespaces. TFY Agent will filter out any namespaced resource’s update if the resource is not part of the allowed namespaces.
tfyAgentProxy.clusterRole.strictMode
to true
on the helm chart.config.allowedNamespaces
field, we will always run on strict mode, regardless of the value of the tfyAgentProxy.clusterRole.strictMode
field.config.allowedNamespaces
field, the control plane will not be allowed to create new namespaces.config.allowedNamespaces
field, we setup role binding only for those namespaces.