sigs.k8s.io/azuredisk-csi-driver@v1.30.1/deploy/v2.0.0-beta.4/rbac-csi-azuredisk-node.yaml (about) 1 --- 2 apiVersion: v1 3 kind: ServiceAccount 4 metadata: 5 name: csi-azuredisk-node-sa 6 namespace: kube-system 7 8 --- 9 kind: ClusterRole 10 apiVersion: rbac.authorization.k8s.io/v1 11 metadata: 12 name: csi-azuredisk-node-secret-role 13 namespace: kube-system 14 rules: 15 - apiGroups: [""] 16 resources: ["secrets"] 17 verbs: ["get", "list"] 18 - apiGroups: [""] 19 resources: ["nodes"] 20 verbs: ["get", "list", "watch"] 21 - apiGroups: ["disk.csi.azure.com"] 22 resources: ["azdrivernodes"] 23 verbs: ["create", "get", "list", "watch", "patch", "update", "delete"] 24 - apiGroups: ["disk.csi.azure.com"] 25 resources: ["azvolumeattachments"] 26 verbs: ["get", "list", "watch"] 27 - apiGroups: ["disk.csi.azure.com"] 28 resources: ["azvolumes"] 29 verbs: ["get", "list", "watch"] 30 - apiGroups: ["disk.csi.azure.com"] 31 resources: ["azdrivernodes/status", "azvolumeattachments/status"] 32 verbs: ["get", "patch", "update"] 33 --- 34 kind: ClusterRoleBinding 35 apiVersion: rbac.authorization.k8s.io/v1 36 metadata: 37 name: csi-azuredisk-node-secret-binding 38 subjects: 39 - kind: ServiceAccount 40 name: csi-azuredisk-node-sa 41 namespace: kube-system 42 roleRef: 43 kind: ClusterRole 44 name: csi-azuredisk-node-secret-role 45 apiGroup: rbac.authorization.k8s.io