140 lines
2.6 KiB
YAML
140 lines
2.6 KiB
YAML
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/instance: external-secrets
|
|
app.kubernetes.io/name: external-secrets
|
|
app.kubernetes.io/version: v0.15.1
|
|
name: external-secrets-controller
|
|
rules:
|
|
- apiGroups:
|
|
- external-secrets.io
|
|
resources:
|
|
- secretstores
|
|
- clustersecretstores
|
|
- externalsecrets
|
|
- clusterexternalsecrets
|
|
- pushsecrets
|
|
- clusterpushsecrets
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- external-secrets.io
|
|
resources:
|
|
- externalsecrets
|
|
- externalsecrets/status
|
|
- externalsecrets/finalizers
|
|
- secretstores
|
|
- secretstores/status
|
|
- secretstores/finalizers
|
|
- clustersecretstores
|
|
- clustersecretstores/status
|
|
- clustersecretstores/finalizers
|
|
- clusterexternalsecrets
|
|
- clusterexternalsecrets/status
|
|
- clusterexternalsecrets/finalizers
|
|
- pushsecrets
|
|
- pushsecrets/status
|
|
- pushsecrets/finalizers
|
|
- clusterpushsecrets
|
|
- clusterpushsecrets/status
|
|
- clusterpushsecrets/finalizers
|
|
verbs:
|
|
- get
|
|
- update
|
|
- patch
|
|
- apiGroups:
|
|
- generators.external-secrets.io
|
|
resources:
|
|
- generatorstates
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- create
|
|
- update
|
|
- patch
|
|
- delete
|
|
- deletecollection
|
|
- apiGroups:
|
|
- generators.external-secrets.io
|
|
resources:
|
|
- acraccesstokens
|
|
- clustergenerators
|
|
- ecrauthorizationtokens
|
|
- fakes
|
|
- gcraccesstokens
|
|
- githubaccesstokens
|
|
- quayaccesstokens
|
|
- passwords
|
|
- stssessiontokens
|
|
- uuids
|
|
- vaultdynamicsecrets
|
|
- webhooks
|
|
- grafanas
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- serviceaccounts
|
|
- namespaces
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- secrets
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- create
|
|
- update
|
|
- delete
|
|
- patch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- serviceaccounts/token
|
|
verbs:
|
|
- create
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- events
|
|
verbs:
|
|
- create
|
|
- patch
|
|
- apiGroups:
|
|
- external-secrets.io
|
|
resources:
|
|
- externalsecrets
|
|
verbs:
|
|
- create
|
|
- update
|
|
- delete
|
|
- apiGroups:
|
|
- external-secrets.io
|
|
resources:
|
|
- pushsecrets
|
|
verbs:
|
|
- create
|
|
- update
|
|
- delete
|