In RBAC, this yaml grants access to Secrets. But what if I want a ClusterRole that grants access to specific Secrets, so that I can give a user access to some Secrets and not others?
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: secret-reader
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "watch", "list"]