github.com/verrazzano/verrazzano@v1.7.0/platform-operator/helm_config/charts/verrazzano-platform-operator/templates/clusterrole.yaml

github.com/verrazzano/verrazzano@v1.7.0/platform-operator/helm_config/charts/verrazzano-platform-operator/templates/clusterrole.yaml (about)

     1  # Copyright (C) 2020, 2023, Oracle and/or its affiliates.
     2  # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
     3  apiVersion: rbac.authorization.k8s.io/v1
     4  kind: ClusterRole
     5  metadata:
     6    name: verrazzano-managed-cluster
     7  rules:
     8    - apiGroups:
     9        - clusters.verrazzano.io
    10      resources:
    11        - multiclusterapplicationconfigurations
    12        - multiclustercomponents
    13        - multiclusterconfigmaps
    14        - multiclusterloggingscopes
    15        - multiclustersecrets
    16        - verrazzanoprojects
    17        - verrazzanomanagedclusters
    18      verbs:
    19        - get
    20        - list
    21        - watch
    22    - apiGroups:
    23        - clusters.verrazzano.io
    24      resources:
    25        - multiclusterapplicationconfigurations/status
    26        - multiclustercomponents/status
    27        - multiclusterconfigmaps/status
    28        - multiclusterloggingscopes/status
    29        - multiclustersecrets/status
    30        - verrazzanoprojects/status
    31        - verrazzanomanagedclusters/status
    32      verbs:
    33        - get
    34        - list
    35        - watch
    36        - create
    37        - update
    38        - delete
    39    - apiGroups:
    40        - core.oam.dev
    41      resources:
    42        - components
    43      verbs:
    44        - get
    45        - list
    46        - watch
    47    - apiGroups:
    48        - ""
    49      resources:
    50        - secrets
    51      verbs:
    52        - get
    53        - list
    54        - watch
    55        - update
    56    - apiGroups:
    57        - batch
    58      resources:
    59        - jobs
    60        - cronjobs
    61      verbs:
    62        - get
    63        - list
    64        - watch
    65    - apiGroups:
    66        - mysql.oracle.com
    67      resources:
    68        - mysqlbackups
    69      verbs:
    70        - create
    71        - get
    72        - list
    73        - patch
    74        - update
    75        - watch
    76        - delete
    77    - apiGroups:
    78        - mysql.oracle.com
    79      resources:
    80        - mysqlbackups/status
    81      verbs:
    82        - get
    83        - patch
    84        - update
    85        - watch
    86  ---
    87  # ClusterRole verrazzano-cluster-registrar is needed for Verrazzano managed cluster operations via Rancher proxy
    88  apiVersion: rbac.authorization.k8s.io/v1
    89  kind: ClusterRole
    90  metadata:
    91    name: verrazzano-cluster-registrar
    92  rules:
    93    - apiGroups:
    94        - ""
    95      resources:
    96        - secrets
    97        - namespaces
    98      verbs:
    99        - create
   100        - update
   101        - list
   102        - get
   103        - watch
   104        - delete