github.com/SamarSidharth/kpt@v0.0.0-20231122062228-c7d747ae3ace/package-examples/cert-manager-basic/webhook/role-cert-manager-webhook-dynamic-serving.yaml

github.com/SamarSidharth/kpt@v0.0.0-20231122062228-c7d747ae3ace/package-examples/cert-manager-basic/webhook/role-cert-manager-webhook-dynamic-serving.yaml (about)

     1  # Source: cert-manager/templates/webhook-rbac.yaml
     2  apiVersion: rbac.authorization.k8s.io/v1
     3  kind: Role
     4  metadata:
     5    name: cert-manager-webhook:dynamic-serving
     6    namespace: "cert-manager"
     7    labels:
     8      app: webhook
     9      app.kubernetes.io/name: webhook
    10      app.kubernetes.io/instance: cert-manager
    11      app.kubernetes.io/component: "webhook"
    12      app.kubernetes.io/version: "v1.8.2"
    13  rules:
    14  - apiGroups: [""]
    15    resources: ["secrets"]
    16    resourceNames:
    17    - 'cert-manager-webhook-ca'
    18    verbs: ["get", "list", "watch", "update"]
    19  # It's not possible to grant CREATE permission on a single resourceName.
    20  - apiGroups: [""]
    21    resources: ["secrets"]
    22    verbs: ["create"]
    23