# permissions for end users to view policyendpoints. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: policyendpoint-viewer-role app.kubernetes.io/component: rbac app.kubernetes.io/created-by: amazon-network-policy-controller-k8s app.kubernetes.io/part-of: amazon-network-policy-controller-k8s app.kubernetes.io/managed-by: kustomize name: policyendpoint-viewer-role rules: - apiGroups: - networking.k8s.aws resources: - policyendpoints verbs: - get - list - watch - apiGroups: - networking.k8s.aws resources: - policyendpoints/status verbs: - get