permissions
This commit is contained in:
Danijel Simeunovic
@@ -1,16 +1,19 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: kyverno:secrets:view
|
||||
name: kyverno:resources:view
|
||||
labels:
|
||||
rbac.kyverno.io/aggregate-to-admission-controller: "true"
|
||||
rbac.kyverno.io/aggregate-to-reports-controller: "true"
|
||||
rbac.kyverno.io/aggregate-to-background-controller: "true"
|
||||
rbac.kyverno.io/aggregate-to-cleanup-controller: "true"
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ''
|
||||
resources:
|
||||
- secrets
|
||||
- pod
|
||||
- replicaset
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
@@ -22,11 +25,14 @@ metadata:
|
||||
name: kyverno:secrets:manage
|
||||
labels:
|
||||
rbac.kyverno.io/aggregate-to-background-controller: "true"
|
||||
rbac.kyverno.io/aggregate-to-cleanup-controller: "true"
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ''
|
||||
resources:
|
||||
- secrets
|
||||
- pod
|
||||
- replicaset
|
||||
verbs:
|
||||
- create
|
||||
- update
|
||||
|
||||
Reference in New Issue
Block a user