open-cluster-management/manifests/klusterlet/management/klusterlet-registration-rolebinding.yaml

# RoleBinding for registration mandatory permissions.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: open-cluster-management:management:{{ .KlusterletName }}-registration:agent
  namespace: {{ .AgentNamespace }}
  labels:
    {{ if gt (len .Labels) 0 }}
    {{ range $key, $value := .Labels }}
    {{ $key }}: {{ $value }}
    {{ end }}
    {{ end }}
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: open-cluster-management:management:{{ .KlusterletName }}-registration:agent
subjects:
  - kind: ServiceAccount
    name: {{ .RegistrationServiceAccount }}
    namespace: {{ .AgentNamespace }}