Description
Is your feature request related to a problem? Please describe.
I'm working with a solution that has the nginx-ingress-controller (with nginx plus) deployed to multiple namespaces within the same k8s cluster. The rbac within each namespace works correctly, but the ClusterRoleBinding only knows about the last chart that was deployed, even with rbac.clusterrole.create: false. This has lead to some interesting work arounds about owning the ClusterRoleBinding for dynamically deployed controllers.
Describe the solution you'd like
A setting that allows a user to toggle creation of the ClusterRoleBinding, in order to provide a better suited cluster level RBAC.
Describe alternatives you've considered
I had hoped that using rbac.clusterrole.create: false would not install the ClusterRoleBinding, but that seems to have been left out (intentionally?) of the issue that initially implemented the logic in #5228.
Additional context
Being able to test within namespaces seems to be limited by the chart owning the ClusterRoleBinding, even if the ultimate solution will use a cluster-wide chart and controller.