Browse Source

add clusterrole to be cluster-scoped

master
Vladimir Smagin 1 year ago
parent
commit
dc7018e8c6
2 changed files with 73 additions and 0 deletions
  1. +62
    -0
      deploy/clusterrole.yaml
  2. +11
    -0
      deploy/clusterrole_binding.yaml

+ 62
- 0
deploy/clusterrole.yaml View File

@ -0,0 +1,62 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: redis-operator
rules:
- apiGroups:
- ""
resources:
- pods
- services
- services/finalizers
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
- namespaces
verbs:
- '*'
- apiGroups:
- apps
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
verbs:
- '*'
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- apps
resourceNames:
- redis-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- apps
resources:
- replicasets
verbs:
- get
- apiGroups:
- blindage.org
resources:
- '*'
verbs:
- '*'

+ 11
- 0
deploy/clusterrole_binding.yaml View File

@ -0,0 +1,11 @@
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: redis-operator
subjects:
- kind: ServiceAccount
name: redis-operator
roleRef:
kind: ClusterRole
name: redis-operator
apiGroup: rbac.authorization.k8s.io

Loading…
Cancel
Save