From 0a41f6f504ceca3043ca608c10e585cd047d35f2 Mon Sep 17 00:00:00 2001 From: Stano Bocinec <stano@redpanda.com> Date: Thu, 4 May 2023 16:56:50 +0200 Subject: [PATCH] RBAC - compact rules Signed-off-by: Stano Bocinec <stano@redpanda.com> --- .../chart/local-path-provisioner/templates/clusterrole.yaml | 5 +---- deploy/local-path-storage.yaml | 5 +---- examples/quota/local-path-storage.yaml | 5 +---- 3 files changed, 3 insertions(+), 12 deletions(-) diff --git a/deploy/chart/local-path-provisioner/templates/clusterrole.yaml b/deploy/chart/local-path-provisioner/templates/clusterrole.yaml index fd4f40b1..b7816085 100644 --- a/deploy/chart/local-path-provisioner/templates/clusterrole.yaml +++ b/deploy/chart/local-path-provisioner/templates/clusterrole.yaml @@ -7,10 +7,7 @@ metadata: {{ include "local-path-provisioner.labels" . | indent 4 }} rules: - apiGroups: [""] - resources: ["nodes", "persistentvolumeclaims", "configmaps"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["pods"] + resources: ["nodes", "persistentvolumeclaims", "configmaps", "pods"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["persistentvolumes"] diff --git a/deploy/local-path-storage.yaml b/deploy/local-path-storage.yaml index 3e10c3da..2b6b68ee 100644 --- a/deploy/local-path-storage.yaml +++ b/deploy/local-path-storage.yaml @@ -28,10 +28,7 @@ metadata: name: local-path-provisioner-role rules: - apiGroups: [""] - resources: ["nodes", "persistentvolumeclaims", "configmaps"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["pods"] + resources: ["nodes", "persistentvolumeclaims", "configmaps", "pods"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["persistentvolumes"] diff --git a/examples/quota/local-path-storage.yaml b/examples/quota/local-path-storage.yaml index 136e93c5..30e3c61b 100644 --- a/examples/quota/local-path-storage.yaml +++ b/examples/quota/local-path-storage.yaml @@ -28,10 +28,7 @@ metadata: name: local-path-provisioner-role rules: - apiGroups: [""] - resources: ["nodes", "persistentvolumeclaims", "configmaps"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["pods"] + resources: ["nodes", "persistentvolumeclaims", "configmaps", "pods"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["persistentvolumes"] -- GitLab