config/rbac/policyendpoint_editor_role.yaml (30 lines of code) (raw):
# permissions for end users to edit policyendpoints.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: clusterrole
app.kubernetes.io/instance: policyendpoint-editor-role
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: amazon-network-policy-controller-k8s
app.kubernetes.io/part-of: amazon-network-policy-controller-k8s
app.kubernetes.io/managed-by: kustomize
name: policyendpoint-editor-role
rules:
- apiGroups:
- networking.k8s.aws
resources:
- policyendpoints
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- networking.k8s.aws
resources:
- policyendpoints/status
verbs:
- get