I am trying to find a way? If I create a new namespace then I want it to create a RBAC rule for that serviceaccount automatically.
I know one way is to create an operator so, that there is an event that is traced by reconciler / api server and it creates the resources based on CRD's. Is there any other way?
On
While not really intended for this kind of thing you could use admission controllers (https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/) to achieve something like that.
Due to it's nature the admission controller is called before the namespace exists and you would need to wait until its creation is finished to create objects within that namespace. For that the admission controller call needs to be completed, else the namespace can't be created. I.e. by calling a second service that waits until the namespace is actually created.
I asked a similar question here: Automatically create Kubernetes resources after namespace creation (I didn’t find yours at that time).
I ended up writing a controller that does exactly what you need: https://github.com/blakelead/nsinjector
In short, you deploy a custom resource specifying resources to deploy and patterns for namespace names you want to target.