Skip to content

Commit b1cc1fb

Browse files
bene2k1bene2k1
authored
Apply suggestions from code review
1 parent c11ab1e commit b1cc1fb

File tree

1 file changed

+140
-28
lines changed

1 file changed

+140
-28
lines changed

pages/kubernetes/reference-content/set-iam-permissions-and-implement-rbac.mdx

Lines changed: 140 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -205,33 +205,145 @@ Default content:
205205
apiVersion: rbac.authorization.k8s.io/v1
206206
kind: ClusterRole
207207
metadata:
208-
name: scaleway:cluster-read
208+
name: scaleway:cluster-read
209209
rules:
210-
- verbs: ["get", "list", "watch"]
211-
apiGroups: [""]
212-
resources: ["bindings", "configmaps", "endpoints", "events", "limitranges", "namespaces", "namespaces/status", "nodes", "persistentvolumeclaims", "persistentvolumeclaims/status", "pods", "pods/log", "pods/status", "replicationcontrollers", "replicationcontrollers/scale", "replicationcontrollers/status", "resourcequotas", "resourcequotas/status", "serviceaccounts", "services", "services/status"]
213-
- verbs: ["get", "list", "watch"]
214-
apiGroups: ["metrics.k8s.io"]
215-
resources: ["pods", "nodes"]
216-
- verbs: ["get", "list", "watch"]
217-
apiGroups: ["apps"]
218-
resources: ["controllerrevisions", "daemonsets", "daemonsets/status", "deployments", "deployments/scale", "deployments/status", "replicasets", "replicasets/scale", "replicasets/status", "statefulsets", "statefulsets/scale", "statefulsets/status"]
219-
- verbs: ["get", "list", "watch"]
220-
apiGroups: ["autoscaling"]
221-
resources: ["horizontalpodautoscalers", "horizontalpodautoscalers/status"]
222-
- verbs: ["get", "list", "watch"]
223-
apiGroups: ["batch"]
224-
resources: ["cronjobs", "cronjobs/status", "jobs", "jobs/status"]
225-
- verbs: ["get", "list", "watch"]
226-
apiGroups: ["extensions"]
227-
resources: ["daemonsets", "daemonsets/status", "deployments", "deployments/scale", "deployments/status", "ingresses", "ingresses/status", "networkpolicies", "replicasets", "replicasets/scale", "replicasets/status", "replicationcontrollers/scale"]
228-
- verbs: ["get", "list", "watch"]
229-
apiGroups: ["policy"]
230-
resources: ["poddisruptionbudgets", "poddisruptionbudgets/status"]
231-
- verbs: ["get", "list", "watch"]
232-
apiGroups: ["networking.k8s.io"]
233-
resources: ["ingresses", "ingresses/status", "networkpolicies"]
234-
- verbs: ["get", "list", "watch"]
235-
apiGroups: ["rbac.authorization.k8s.io"]
236-
resources: ["rolebindings", "roles"]
210+
- verbs:
211+
- get
212+
- list
213+
- watch
214+
apiGroups:
215+
- ''
216+
resources:
217+
- bindings
218+
- configmaps
219+
- endpoints
220+
- events
221+
- limitranges
222+
- namespaces
223+
- namespaces/status
224+
- nodes
225+
- persistentvolumeclaims
226+
- persistentvolumeclaims/status
227+
- pods
228+
- pods/log
229+
- pods/status
230+
- replicationcontrollers
231+
- replicationcontrollers/scale
232+
- replicationcontrollers/status
233+
- resourcequotas
234+
- resourcequotas/status
235+
- serviceaccounts
236+
- services
237+
- services/status
238+
239+
240+
- verbs:
241+
- get
242+
- list
243+
- watch
244+
apiGroups:
245+
- metrics.k8s.io
246+
resources:
247+
- pods
248+
- nodes
249+
250+
251+
- verbs:
252+
- get
253+
- list
254+
- watch
255+
apiGroups:
256+
- apps
257+
resources:
258+
- controllerrevisions
259+
- daemonsets
260+
- daemonsets/status
261+
- deployments
262+
- deployments/scale
263+
- deployments/status
264+
- replicasets
265+
- replicasets/scale
266+
- replicasets/status
267+
- statefulsets
268+
- statefulsets/scale
269+
- statefulsets/status
270+
271+
272+
- verbs:
273+
- get
274+
- list
275+
- watch
276+
apiGroups:
277+
- autoscaling
278+
resources:
279+
- horizontalpodautoscalers
280+
- horizontalpodautoscalers/status
281+
282+
283+
- verbs:
284+
- get
285+
- list
286+
- watch
287+
apiGroups:
288+
- batch
289+
resources:
290+
- cronjobs
291+
- cronjobs/status
292+
- jobs
293+
- jobs/status
294+
295+
296+
- verbs:
297+
- get
298+
- list
299+
- watch
300+
apiGroups:
301+
- extensions
302+
resources:
303+
- daemonsets
304+
- daemonsets/status
305+
- deployments
306+
- deployments/scale
307+
- deployments/status
308+
- ingresses
309+
- ingresses/status
310+
- networkpolicies
311+
- replicasets
312+
- replicasets/scale
313+
- replicasets/status
314+
- replicationcontrollers/scale
315+
316+
317+
- verbs:
318+
- get
319+
- list
320+
- watch
321+
apiGroups:
322+
- policy
323+
resources:
324+
- poddisruptionbudgets
325+
- poddisruptionbudgets/status
326+
327+
328+
- verbs:
329+
- get
330+
- list
331+
- watch
332+
apiGroups:
333+
- networking.k8s.io
334+
resources:
335+
- ingresses
336+
- ingresses/status
337+
- networkpolicies
338+
339+
340+
- verbs:
341+
- get
342+
- list
343+
- watch
344+
apiGroups:
345+
- rbac.authorization.k8s.io
346+
resources:
347+
- rolebindings
348+
- roles
237349
```

0 commit comments

Comments
 (0)