apps/garage/rbac.yaml (view raw)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
--- apiVersion: v1 kind: ServiceAccount metadata: name: garage labels: helm.sh/chart: garage-0.5.0 app.kubernetes.io/name: garage app.kubernetes.io/instance: garage app.kubernetes.io/version: "v1.0.0" app.kubernetes.io/managed-by: Helm --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: manage-crds-default-garage labels: helm.sh/chart: garage-0.5.0 app.kubernetes.io/name: garage app.kubernetes.io/instance: garage app.kubernetes.io/version: "v1.0.0" app.kubernetes.io/managed-by: Helm rules: - apiGroups: ["apiextensions.k8s.io"] resources: ["customresourcedefinitions"] verbs: ["get", "list", "watch", "create", "patch"] - apiGroups: ["deuxfleurs.fr"] resources: ["garagenodes"] verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: allow-crds-for-default-garage labels: helm.sh/chart: garage-0.5.0 app.kubernetes.io/name: garage app.kubernetes.io/instance: garage app.kubernetes.io/version: "v1.0.0" app.kubernetes.io/managed-by: Helm subjects: - kind: ServiceAccount name: garage namespace: default roleRef: kind: ClusterRole name: manage-crds-default-garage apiGroup: rbac.authorization.k8s.io |