Merge pull request #2701 from fluxcd/add-sa-read
Grant service account read-only access to controllers
This commit is contained in:
Stefan Prodan
@@ -23,6 +23,8 @@ rules:
|
|||||||
resources:
|
resources:
|
||||||
- namespaces
|
- namespaces
|
||||||
- secrets
|
- secrets
|
||||||
|
- configmaps
|
||||||
|
- serviceaccounts
|
||||||
verbs:
|
verbs:
|
||||||
- get
|
- get
|
||||||
- list
|
- list
|
||||||
@@ -34,11 +36,11 @@ rules:
|
|||||||
verbs:
|
verbs:
|
||||||
- create
|
- create
|
||||||
- patch
|
- patch
|
||||||
|
# required by leader election
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- ""
|
- ""
|
||||||
resources:
|
resources:
|
||||||
- configmaps
|
- configmaps
|
||||||
- configmaps/status
|
|
||||||
verbs:
|
verbs:
|
||||||
- get
|
- get
|
||||||
- list
|
- list
|
||||||
@@ -47,6 +49,14 @@ rules:
|
|||||||
- update
|
- update
|
||||||
- patch
|
- patch
|
||||||
- delete
|
- delete
|
||||||
|
- apiGroups:
|
||||||
|
- ""
|
||||||
|
resources:
|
||||||
|
- configmaps/status
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
|
- update
|
||||||
|
- patch
|
||||||
- apiGroups:
|
- apiGroups:
|
||||||
- "coordination.k8s.io"
|
- "coordination.k8s.io"
|
||||||
resources:
|
resources:
|
||||||
|
|||||||
Reference in New Issue
Block a user