--- # Source: elastic-operator/charts/eck-operator/templates/cluster-roles.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: elastic-operator labels: app.kubernetes.io/name: elastic-operator app.kubernetes.io/instance: elastic-operator app.kubernetes.io/version: "3.2.0" helm.sh/chart: eck-operator-3.2.0 app.kubernetes.io/managed-by: Helm rules: - apiGroups: - "authorization.k8s.io" resources: - subjectaccessreviews verbs: - create - apiGroups: - coordination.k8s.io resources: - leases verbs: - create - apiGroups: - coordination.k8s.io resources: - leases resourceNames: - elastic-operator-leader verbs: - get - watch - update - apiGroups: - "" resources: - endpoints verbs: - get - list - watch - apiGroups: - "" resources: - pods - events - persistentvolumeclaims - secrets - services - configmaps verbs: - get - list - watch - create - update - patch - delete - apiGroups: - apps resources: - deployments - statefulsets - daemonsets verbs: - get - list - watch - create - update - patch - delete - apiGroups: - policy resources: - poddisruptionbudgets verbs: - get - list - watch - create - update - patch - delete - apiGroups: - elasticsearch.k8s.elastic.co resources: - elasticsearches - elasticsearches/status - elasticsearches/finalizers # needed for ownerReferences with blockOwnerDeletion on OCP verbs: - get - list - watch - create - update - patch - apiGroups: - autoscaling.k8s.elastic.co resources: - elasticsearchautoscalers - elasticsearchautoscalers/status - elasticsearchautoscalers/finalizers # needed for ownerReferences with blockOwnerDeletion on OCP verbs: - get - list - watch - create - update - patch - apiGroups: - kibana.k8s.elastic.co resources: - kibanas - kibanas/status - kibanas/finalizers # needed for ownerReferences with blockOwnerDeletion on OCP verbs: - get - list - watch - create - update - patch - apiGroups: - apm.k8s.elastic.co resources: - apmservers - apmservers/status - apmservers/finalizers # needed for ownerReferences with blockOwnerDeletion on OCP verbs: - get - list - watch - create - update - patch - apiGroups: - enterprisesearch.k8s.elastic.co resources: - enterprisesearches - enterprisesearches/status - enterprisesearches/finalizers # needed for ownerReferences with blockOwnerDeletion on OCP verbs: - get - list - watch - create - update - patch - apiGroups: - beat.k8s.elastic.co resources: - beats - beats/status - beats/finalizers # needed for ownerReferences with blockOwnerDeletion on OCP verbs: - get - list - watch - create - update - patch - apiGroups: - agent.k8s.elastic.co resources: - agents - agents/status - agents/finalizers # needed for ownerReferences with blockOwnerDeletion on OCP verbs: - get - list - watch - create - update - patch - apiGroups: - maps.k8s.elastic.co resources: - elasticmapsservers - elasticmapsservers/status - elasticmapsservers/finalizers # needed for ownerReferences with blockOwnerDeletion on OCP verbs: - get - list - watch - create - update - patch - apiGroups: - stackconfigpolicy.k8s.elastic.co resources: - stackconfigpolicies - stackconfigpolicies/status - stackconfigpolicies/finalizers # needed for ownerReferences with blockOwnerDeletion on OCP verbs: - get - list - watch - create - update - patch - apiGroups: - logstash.k8s.elastic.co resources: - logstashes - logstashes/status - logstashes/finalizers # needed for ownerReferences with blockOwnerDeletion on OCP verbs: - get - list - watch - create - update - patch - apiGroups: - storage.k8s.io resources: - storageclasses verbs: - get - list - watch - apiGroups: - admissionregistration.k8s.io resources: - validatingwebhookconfigurations verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - nodes verbs: - get - list - watch