sigs.k8s.io/azuredisk-csi-driver@v1.30.1/deploy/v2.0.0-beta.4/rbac-csi-azuredisk-node.yaml

sigs.k8s.io/azuredisk-csi-driver@v1.30.1/deploy/v2.0.0-beta.4/rbac-csi-azuredisk-node.yaml (about)

     1  ---
     2  apiVersion: v1
     3  kind: ServiceAccount
     4  metadata:
     5    name: csi-azuredisk-node-sa
     6    namespace: kube-system
     7  
     8  ---
     9  kind: ClusterRole
    10  apiVersion: rbac.authorization.k8s.io/v1
    11  metadata:
    12    name: csi-azuredisk-node-secret-role
    13    namespace: kube-system
    14  rules:
    15    - apiGroups: [""]
    16      resources: ["secrets"]
    17      verbs: ["get", "list"]
    18    - apiGroups: [""]
    19      resources: ["nodes"]
    20      verbs: ["get", "list", "watch"]
    21    - apiGroups: ["disk.csi.azure.com"]
    22      resources: ["azdrivernodes"]
    23      verbs: ["create", "get", "list", "watch", "patch", "update", "delete"]
    24    - apiGroups: ["disk.csi.azure.com"]
    25      resources: ["azvolumeattachments"]
    26      verbs: ["get", "list", "watch"]
    27    - apiGroups: ["disk.csi.azure.com"]
    28      resources: ["azvolumes"]
    29      verbs: ["get", "list", "watch"]
    30    - apiGroups: ["disk.csi.azure.com"]
    31      resources: ["azdrivernodes/status", "azvolumeattachments/status"]
    32      verbs: ["get", "patch", "update"]
    33  ---
    34  kind: ClusterRoleBinding
    35  apiVersion: rbac.authorization.k8s.io/v1
    36  metadata:
    37    name: csi-azuredisk-node-secret-binding
    38  subjects:
    39    - kind: ServiceAccount
    40      name: csi-azuredisk-node-sa
    41      namespace: kube-system
    42  roleRef:
    43    kind: ClusterRole
    44    name: csi-azuredisk-node-secret-role
    45    apiGroup: rbac.authorization.k8s.io