alibaba/kt-connect

View on GitHub
docs/deploy/rbac/connect-only-full.yaml

Summary

Maintainability
Test Coverage
# full permission role for connect command only
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: kt-cluster-role
rules:
  - apiGroups:
      - ""
    resources:
      - namespaces
    verbs:
      - list
  - apiGroups:
      - ""
    resources:
      - pods
    verbs:
      - create
      - delete
      - get
      - list
      - patch
  - apiGroups:
      - ""
    resources:
      - configmaps
    verbs:
      - create
      - delete
      - get
      - patch
  - apiGroups:
      - apps
    resources:
      - deployments
    verbs:
      - create
      - delete
      - get
      - list
      - patch
  - apiGroups:
      - ""
    resources:
      - services
    verbs:
      - list
  - apiGroups:
      - ""
    resources:
      - pods/exec
      - pods/portforward
    verbs:
      - create
  - apiGroups:
      - extensions
    resources:
      - ingresses
    verbs:
      - list