You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
---apiVersion: rbac.authorization.k8s.io/v1kind: Rolemetadata: name: ingress-nginx namespace: {{ ingress_nginx_namespace }} labels: app.kubernetes.io/name: ingress-nginx app.kubernetes.io/part-of: ingress-nginxrules: - apiGroups: [""] resources: ["namespaces"] verbs: ["get"] - apiGroups: [""] resources: ["configmaps", "pods", "secrets", "endpoints"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["services"] verbs: ["get", "list", "watch"] - apiGroups: ["extensions", "networking.k8s.io"] resources: ["ingresses"] verbs: ["get", "list", "watch"] - apiGroups: ["extensions", "networking.k8s.io"] resources: ["ingresses/status"] verbs: ["update"] - apiGroups: ["networking.k8s.io"] resources: ["ingressclasses"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["configmaps"] # Defaults to "<election-id>-<ingress-class>" # Here: "<ingress-controller-leader>-<nginx>" # This has to be adapted if you change either parameter # when launching the nginx-ingress-controller. resourceNames: ["ingress-controller-leader-nginx"] verbs: ["get", "update"] - apiGroups: [""] resources: ["configmaps"] verbs: ["create"] - apiGroups: [""] resources: ["events"] verbs: ["create", "patch"] - apiGroups: ["policy"] resourceNames: ["ingress-nginx"] resources: ["podsecuritypolicies"] verbs: ["use"]
|
