Ben Vincent
c88b19a216
- ensure all service accounts are labelled with role/cluster - add additional api endpoints to cluster roles
27 lines
569 B
YAML
27 lines
569 B
YAML
---
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
- "postgresql.cnpg.io"
|
|
- "cert-manager.io"
|
|
- "rbac.authorization.k8s.io"
|
|
- "batch"
|
|
- "secrets.hashicorp.com"
|
|
- "storage.k8s.io"
|
|
- "apps"
|
|
- "apiextensions.k8s.io"
|
|
- "externaldns.k8s.io"
|
|
- "autoscaling"
|
|
- "networking.k8s.io"
|
|
- "purelb.io"
|
|
- "nfd.k8s-sigs.io"
|
|
- "policy"
|
|
- "metrics.k8s.io"
|
|
- "logstash.k8s.elastic.co"
|
|
- "elasticsearch.k8s.elastic.co"
|
|
- "kibana.k8s.elastic.co"
|
|
resources:
|
|
- "*"
|
|
verbs:
|
|
- "*"
|