From 159e135ee8c8292858b1c52d7b6641fa72e4a302 Mon Sep 17 00:00:00 2001
From: Mayne0213 <bluemayne0213@icloud.com>
Date: Fri, 2 Jan 2026 20:00:49 +0900
Subject: [PATCH] FEAT(authelia): add OIDC admin ClusterRoleBinding

- Add ClusterRoleBinding for Authelia SSO
- Enable admin access via OIDC
---
 authelia/kustomization.yaml |  1 +
 authelia/rbac.yaml          | 12 ++++++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 authelia/rbac.yaml

diff --git a/authelia/kustomization.yaml b/authelia/kustomization.yaml
index ba12a71..e0c8d98 100644
--- a/authelia/kustomization.yaml
+++ b/authelia/kustomization.yaml
@@ -5,3 +5,4 @@ resources:
 - ingress.yaml
 - middleware.yaml
 - config.yaml
+- rbac.yaml
diff --git a/authelia/rbac.yaml b/authelia/rbac.yaml
new file mode 100644
index 0000000..217f13e
--- /dev/null
+++ b/authelia/rbac.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: oidc-admin-authelia
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+- apiGroup: rbac.authorization.k8s.io
+  kind: User
+  name: "https://auth0213.kro.kr#admin"