We are currently setting up Haproxy ingress controller on VMware tanzu Kubernetes. The thumb rule is we cannot have cluster role or cluster role binding.
Hence we have planned to have all name space specific like Role, Role binding, Service account and controllers, etc. But the haproxy ingress controller by default trying to access cluster scope (cluster role and cluster role binding), which is throwing forbidden access for the service account.
Kindly provide your expert advise whether I can have ingress controller to watch specific name space and the role/role binding within in name space not at cluster scope.
I can use any other haproxy container image with ingress controller which looks for name space specific.
Note: Currently I am using below image which helm chart deploys