github.com/metaprov/modela-operator@v0.0.0-20240118193048-f378be8b74d2/manifests/modela-system/controlplane/rbac.yaml

github.com/metaprov/modela-operator@v0.0.0-20240118193048-f378be8b74d2/manifests/modela-system/controlplane/rbac.yaml (about)

     1  apiVersion: rbac.authorization.k8s.io/v1
     2  kind: ClusterRole
     3  metadata:
     4    labels:
     5      app.kubernetes.io/name: modela-control-plane
     6      app.kubernetes.io/part-of: modela
     7    name: modela-control-plane
     8  rules:
     9    - apiGroups: ["catalog.modela.ai"] #
    10      resources:
    11        - "*"
    12      verbs:
    13        - "*"
    14    - apiGroups: ["team.modela.ai"] #
    15      resources:
    16        - "*"
    17      verbs:
    18        - "*"
    19    - apiGroups: ["data.modela.ai"]
    20      resources:
    21        - "*"
    22      verbs:
    23        - "*"
    24    - apiGroups: ["inference.modela.ai"]
    25      resources:
    26        - "*"
    27      verbs:
    28        - "*"
    29    - apiGroups: ["infra.modela.ai"]
    30      resources:
    31        - "*"
    32      verbs:
    33        - "*"
    34    - apiGroups: ["training.modela.ai"]
    35      resources:
    36        - "*"
    37      verbs:
    38        - "*"
    39    - apiGroups: [ "llm.modela.ai" ]
    40      resources:
    41        - "*"
    42      verbs:
    43        - "*"
    44    - apiGroups: ["apiextensions.k8s.io"]
    45      resources:
    46        - customresourcedefinitions
    47      verbs: ["*"]
    48    - apiGroups:
    49        - batch
    50      resources:
    51        - jobs
    52        - cronjobs
    53      verbs:
    54        - "*"
    55    - apiGroups:
    56        - "extensions"
    57        - "apps"
    58      resources:
    59        - deployments
    60      verbs:
    61        - get
    62        - list
    63        - watch
    64        - create
    65        - update
    66        - patch
    67        - delete
    68    - apiGroups: [""]
    69      resources:
    70        - pods
    71        - pods/log
    72        - configmaps
    73        - namespaces
    74        - serviceaccounts
    75        - services
    76        - events
    77        - limitranges
    78        - resourcequotas
    79        - persistentvolumes
    80        - persistentvolumeclaims
    81      verbs:
    82        - "*"
    83    - apiGroups:
    84        - "rbac.authorization.k8s.io"
    85      resources:
    86        - "*"
    87      verbs:
    88        - get
    89        - list
    90        - watch
    91        - create
    92        - update
    93        - patch
    94        - delete
    95    - apiGroups:
    96        - "metrics.k8s.io"
    97      resources:
    98        - "*"
    99      verbs:
   100        - '*'
   101    - apiGroups:
   102        - "extensions"
   103        - "networking.k8s.io"
   104      resources:
   105        - ingresses
   106      verbs: ["*"]
   107  ---
   108  
   109  apiVersion: rbac.authorization.k8s.io/v1
   110  kind: ClusterRoleBinding
   111  metadata:
   112    labels:
   113      app.kubernetes.io/name: modela-control-plane
   114      app.kubernetes.io/part-of: modela
   115    name: modela-control-plane
   116  roleRef:
   117    apiGroup: rbac.authorization.k8s.io
   118    kind: ClusterRole
   119    name: modela-control-plane
   120  subjects:
   121    - kind: User
   122      apiGroup: rbac.authorization.k8s.io
   123      name: system:serviceaccount:modela-system:modela-control-plane
   124      namespace: modela-system
   125  ---
   126  
   127  apiVersion: v1
   128  kind: ServiceAccount
   129  metadata:
   130    labels:
   131      app.kubernetes.io/name: modela-control-plane
   132      app.kubernetes.io/part-of: modela
   133    name: modela-control-plane
   134    namespace: modela-system