alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions 2 Activity
Files
7a96d06727fd91df4a3d8549a246187402b0d55f
infrastructure/clusters/cl01tl/manifests/rook-ceph/ClusterRole-rook-ceph-system.yaml
gitea-bot 7a96d06727 Automated Manifest Update (#2259) 
This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow.

Reviewed-on: #2259
Co-authored-by: gitea-bot <gitea-bot@alexlebens.net>
Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
2025-12-04 21:47:46 +00:00

46 lines
1.8 KiB
YAML
Raw Blame History

---
# Source: rook-ceph/charts/rook-ceph/templates/clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rook-ceph-system
labels:
operator: rook
storage-backend: ceph
app.kubernetes.io/name: rook-ceph
app.kubernetes.io/instance: rook-ceph
app.kubernetes.io/version: v1.18.8
app.kubernetes.io/part-of: rook-ceph-operator
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/created-by: helm
helm.sh/chart: "rook-ceph-v1.18.8"
rules:
# Most resources are represented by a string representation of their name, such as "pods", just as it appears in the URL for the relevant API endpoint.
# However, some Kubernetes APIs involve a "subresource", such as the logs for a pod. [...]
# To represent this in an RBAC role, use a slash to delimit the resource and subresource.
# https://kubernetes.io/docs/reference/access-authn-authz/rbac/#referring-to-resources
- apiGroups: [""]
resources: ["pods", "pods/log"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create"]
- apiGroups: ["csiaddons.openshift.io"]
resources: ["networkfences"]
verbs: ["create", "get", "update", "delete", "watch", "list", "deletecollection"]
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["get"]
- apiGroups: ["csi.ceph.io"]
resources: ["cephconnections"]
verbs: ["create", "delete", "get", "list", "update", "watch"]
- apiGroups: ["csi.ceph.io"]
resources: ["clientprofiles"]
verbs: ["create", "delete", "get", "list", "update", "watch"]
- apiGroups: ["csi.ceph.io"]
resources: ["operatorconfigs"]
verbs: ["create", "delete", "get", "list", "update", "watch"]
- apiGroups: ["csi.ceph.io"]
resources: ["drivers"]
verbs: ["create", "delete", "get", "list", "update", "watch"]
Reference in New Issue View Git Blame Copy Permalink