github.com/verrazzano/verrazzano@v1.7.1/platform-operator/helm_config/charts/verrazzano-cluster-operator/templates/clusterrole.yaml (about) 1 # Copyright (C) 2022, 2023, Oracle and/or its affiliates. 2 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 apiVersion: rbac.authorization.k8s.io/v1 4 kind: ClusterRole 5 metadata: 6 name: verrazzano-cluster-operator 7 rules: 8 - apiGroups: 9 - admissionregistration.k8s.io 10 resources: 11 - validatingwebhookconfigurations 12 - mutatingwebhookconfigurations 13 verbs: 14 - create 15 - get 16 - list 17 - patch 18 - update 19 - apiGroups: 20 - apiextensions.k8s.io 21 resources: 22 - customresourcedefinitions 23 verbs: 24 - get 25 - list 26 - watch 27 - apiGroups: 28 - networking.istio.io 29 resources: 30 - destinationrules 31 - serviceentries 32 verbs: 33 - create 34 - update 35 - delete 36 - get 37 - list 38 - watch 39 - apiGroups: 40 - clusters.verrazzano.io 41 resources: 42 - verrazzanomanagedclusters 43 - verrazzanomanagedclusters/status 44 - ocneociquickcreates 45 - ocneociquickcreates/status 46 - okequickcreates 47 - okequickcreates/status 48 verbs: 49 - create 50 - update 51 - delete 52 - get 53 - list 54 - patch 55 - watch 56 - apiGroups: 57 - install.verrazzano.io 58 resources: 59 - verrazzanos 60 verbs: 61 - get 62 - list 63 - watch 64 - apiGroups: 65 - "" 66 resources: 67 - serviceaccounts 68 - configmaps 69 - endpoints 70 - secrets 71 - services 72 - pods/exec 73 - namespaces 74 verbs: 75 - create 76 - get 77 - list 78 - update 79 - watch 80 - delete 81 - apiGroups: 82 - "" 83 resources: 84 - pods 85 verbs: 86 - get 87 - list 88 - watch 89 - apiGroups: 90 - apps 91 resources: 92 - deployments 93 verbs: 94 - get 95 - list 96 - update 97 - watch 98 - apiGroups: 99 - networking.k8s.io 100 resources: 101 - ingresses 102 verbs: 103 - get 104 - list 105 - watch 106 - apiGroups: 107 - rbac.authorization.k8s.io 108 resources: 109 - rolebindings 110 verbs: 111 - create 112 - get 113 - list 114 - update 115 - watch 116 - apiGroups: 117 - management.cattle.io 118 resources: 119 - clusters 120 - users 121 verbs: 122 - update 123 - get 124 - list 125 - watch 126 - apiGroups: 127 - infrastructure.cluster.x-k8s.io 128 resources: 129 - ociclusteridentities 130 verbs: 131 - get 132 - apiGroups: 133 - infrastructure.cluster.x-k8s.io 134 - controlplane.cluster.x-k8s.io 135 - bootstrap.cluster.x-k8s.io 136 - addons.cluster.x-k8s.io 137 resources: 138 - ocimanagedmachinepools 139 - ociclusters 140 - ocivirtualmachinepools 141 - ocimanagedclusters 142 - ocimanagedcontrolplanes 143 - ocimachinetemplates 144 - ocimanagedmachinepool 145 - ocnecontrolplanes 146 - ocneconfigtemplates 147 - clusterresourcesets 148 verbs: 149 - get 150 - create 151 - update 152 - apiGroups: 153 - controlplane.cluster.x-k8s.io 154 resources: 155 - ocimanagedcontrolplanes 156 - ocnecontrolplanes 157 verbs: 158 - list 159 - apiGroups: 160 - cluster.x-k8s.io 161 resources: 162 - clusters 163 - machinedeployments 164 - machinepools 165 verbs: 166 - create 167 - update 168 - get 169 - list 170 - watch 171 - apiGroups: 172 - cluster.x-k8s.io 173 resources: 174 - clusterclasses 175 verbs: 176 - get 177 - list 178 - watch 179 - apiGroups: 180 - apiextensions.k8s.io 181 resources: 182 - customresourcedefinitions 183 verbs: 184 - get 185 - apiGroups: 186 - management.cattle.io 187 resources: 188 - clusterroletemplatebindings 189 verbs: 190 - create 191 - update 192 - get 193 - list 194 - watch