github.com/oam-dev/cluster-gateway@v1.9.0/charts/addon-manager/templates/clusterroles.yaml (about)

     1  apiVersion: rbac.authorization.k8s.io/v1
     2  kind: ClusterRole
     3  metadata:
     4    name: open-cluster-management:cluster-gateway:managedcluster-reader
     5  rules:
     6    - apiGroups:
     7        - cluster.open-cluster-management.io
     8      resources:
     9        - managedclusters
    10      verbs:
    11        - get
    12        - list
    13        - watch
    14    - apiGroups:
    15        - authentication.open-cluster-management.io
    16      resources:
    17        - managedserviceaccounts
    18      verbs:
    19        - "*"
    20    - apiGroups:
    21        - proxy.open-cluster-management.io
    22      resources:
    23        - clustergatewayconfigurations
    24      verbs:
    25        - "*"
    26    - apiGroups:
    27        - cluster.core.oam.dev
    28      resources:
    29        - clustergateways/health
    30        - clustergateways/proxy
    31      verbs:
    32        - "*"
    33    - apiGroups:
    34        - ""
    35      resources:
    36        - namespaces
    37        - secrets
    38        - configmaps
    39        - events
    40        - serviceaccounts
    41        - services
    42      verbs:
    43        - "*"
    44    - apiGroups:
    45        - apps
    46      resources:
    47        - deployments
    48      verbs:
    49        - "*"
    50    - apiGroups:
    51        - work.open-cluster-management.io
    52      resources:
    53        - manifestworks
    54      verbs:
    55        - "*"
    56    - apiGroups:
    57        - addon.open-cluster-management.io
    58      resources:
    59        - clustermanagementaddons
    60        - managedclusteraddons
    61        - clustermanagementaddons/status
    62        - managedclusteraddons/status
    63      verbs:
    64        - get
    65        - list
    66        - watch
    67        - create
    68        - update
    69        - patch
    70    - apiGroups:
    71        - certificates.k8s.io
    72      resources:
    73        - certificatesigningrequests
    74      verbs:
    75        - get
    76        - list
    77        - watch
    78    - apiGroups:
    79        - admissionregistration.k8s.io
    80      resources:
    81        - mutatingwebhookconfigurations
    82        - validatingwebhookconfigurations
    83      verbs:
    84        - get
    85        - list
    86        - watch
    87    - apiGroups:
    88        - flowcontrol.apiserver.k8s.io
    89      resources:
    90        - prioritylevelconfigurations
    91        - flowschemas
    92      verbs:
    93        - get
    94        - list
    95        - watch
    96    - apiGroups:
    97        - rbac.authorization.k8s.io
    98      resources:
    99        - clusterroles
   100        - clusterrolebindings
   101      verbs:
   102        - create
   103        - bind
   104    - apiGroups:
   105        - rbac.authorization.k8s.io
   106      resources:
   107        - roles
   108        - rolebindings
   109      verbs:
   110        - create
   111    - apiGroups:
   112        - coordination.k8s.io
   113      resources:
   114        - leases
   115      verbs:
   116        - "*"
   117    - apiGroups:
   118        - apiregistration.k8s.io
   119      resources:
   120        - apiservices
   121      verbs:
   122        - "*"
   123    - apiGroups:
   124        - authorization.k8s.io
   125      resources:
   126        - subjectaccessreviews
   127      verbs:
   128        - "*"