github.com/midokura/kubeedge@v1.2.0-mido.0/build/admission/clusterrole.yaml

github.com/midokura/kubeedge@v1.2.0-mido.0/build/admission/clusterrole.yaml (about)

     1  kind: ClusterRole
     2  apiVersion: rbac.authorization.k8s.io/v1
     3  metadata:
     4    name: kubeedge-admission
     5  rules:
     6    - apiGroups: ["admissionregistration.k8s.io"]
     7      resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
     8      verbs: ["get", "list", "watch", "create", "update"]
     9    # Rules below is used generate admission service secret
    10    - apiGroups: ["certificates.k8s.io"]
    11      resources: ["certificatesigningrequests"]
    12      verbs: ["get", "list", "create", "delete"]
    13    - apiGroups: ["certificates.k8s.io"]
    14      resources: ["certificatesigningrequests/approval"]
    15      verbs: ["create", "update"]
    16    - apiGroups: [""]
    17      resources: ["secrets"]
    18      verbs: ["create", "get", "patch"]
    19    - apiGroups: [""]
    20      resources: ["services"]
    21      verbs: ["get"]
    22    - apiGroups: ["devices.kubeedge.io"]
    23      resources: ["devicemodels"]
    24      verbs: ["get", "list"]