<mohammadrony>
apiVersion: v1
kind: ServiceAccount
metadata:
  name: default-custom-sa
  namespace: default
---
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
  name: default-custom-secret
  namespace: default
  annotations:
    kubernetes.io/service-account.name: "default-custom-sa"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: default-custom-role
  namespace: default
rules:
  - apiGroups: ["*"]
    resources:
      [
        "pods",
        "services",
        "configmaps",
        "secrets",
        "pods/log",
        "deployments",
        "daemonsets",
        "statefulset",
        "replicasets",
        "serviceaccounts",
        "ingresses",
        "events",
      ]
    verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: default-custom-role-binding
  namespace: default
subjects:
  - kind: ServiceAccount
    name: default-custom-sa
    namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: default-custom-role