We’re trying to deploy the Keycloak Operator in a customer’s Kubernetes environment that has strict multi-tenant requirements. The customer’s security policies don’t allow vendors to use any cluster-level permissions (like ClusterRoles or ClusterRoleBindings), which is currently preventing us from deploying the Keycloak Operator due to its cluster-wide RBAC resources.
Does the Keycloak Operator support, or are there plans to support, a fully namespace-scoped deployment? Specifically, we’re looking for a setup that keeps everything within a single namespace and doesn’t rely on any cluster-level resources or permissions.
For example, the Elastic operator takes as an argument a set of namespaces that the operator is then responsible for managing (Configure ECK | Elastic Cloud on Kubernetes [2.16] | Elastic).