github.com/percona/percona-xtradb-cluster-operator@v1.14.0/deploy/cw-rbac.yaml (about) 1 kind: ClusterRole 2 apiVersion: rbac.authorization.k8s.io/v1 3 metadata: 4 name: percona-xtradb-cluster-operator 5 rules: 6 - apiGroups: 7 - pxc.percona.com 8 resources: 9 - perconaxtradbclusters 10 - perconaxtradbclusters/status 11 - perconaxtradbclusterbackups 12 - perconaxtradbclusterbackups/status 13 - perconaxtradbclusterrestores 14 - perconaxtradbclusterrestores/status 15 verbs: 16 - get 17 - list 18 - watch 19 - create 20 - update 21 - patch 22 - delete 23 - apiGroups: 24 - admissionregistration.k8s.io 25 resources: 26 - validatingwebhookconfigurations 27 verbs: 28 - get 29 - list 30 - watch 31 - create 32 - update 33 - patch 34 - delete 35 - apiGroups: 36 - "" 37 resources: 38 - pods 39 - pods/exec 40 - pods/log 41 - configmaps 42 - services 43 - persistentvolumeclaims 44 - secrets 45 verbs: 46 - get 47 - list 48 - watch 49 - create 50 - update 51 - patch 52 - delete 53 - apiGroups: 54 - apps 55 resources: 56 - deployments 57 - replicasets 58 - statefulsets 59 verbs: 60 - get 61 - list 62 - watch 63 - create 64 - update 65 - patch 66 - delete 67 - apiGroups: 68 - batch 69 resources: 70 - jobs 71 - cronjobs 72 verbs: 73 - get 74 - list 75 - watch 76 - create 77 - update 78 - patch 79 - delete 80 - apiGroups: 81 - policy 82 resources: 83 - poddisruptionbudgets 84 verbs: 85 - get 86 - list 87 - watch 88 - create 89 - update 90 - patch 91 - delete 92 - apiGroups: 93 - coordination.k8s.io 94 resources: 95 - leases 96 verbs: 97 - get 98 - list 99 - watch 100 - create 101 - update 102 - patch 103 - delete 104 - apiGroups: 105 - "" 106 resources: 107 - events 108 verbs: 109 - create 110 - patch 111 - apiGroups: 112 - certmanager.k8s.io 113 - cert-manager.io 114 resources: 115 - issuers 116 - certificates 117 verbs: 118 - get 119 - list 120 - watch 121 - create 122 - update 123 - patch 124 - delete 125 - deletecollection 126 --- 127 apiVersion: v1 128 kind: ServiceAccount 129 metadata: 130 name: percona-xtradb-cluster-operator 131 --- 132 kind: ClusterRoleBinding 133 apiVersion: rbac.authorization.k8s.io/v1 134 metadata: 135 name: service-account-percona-xtradb-cluster-operator 136 subjects: 137 - kind: ServiceAccount 138 name: percona-xtradb-cluster-operator 139 namespace: "pxc-operator" 140 roleRef: 141 kind: ClusterRole 142 name: percona-xtradb-cluster-operator 143 apiGroup: rbac.authorization.k8s.io