apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: route-cert-reader
  namespace: irc-josie-cloud
rules:
  - apiGroups: [""]
    resources: [secrets]
    resourceNames: [irc-now-tls, my-irc-now-tls]
    verbs: [get, list, watch]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: route-cert-reader
  namespace: irc-josie-cloud
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: route-cert-reader
subjects:
  - kind: ServiceAccount
    name: router
    namespace: openshift-ingress