# Code generated by hack/gendiscoverycache; DO NOT EDIT. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null name: system:aro-sre rules: - apiGroups: - "" resources: - componentstatuses verbs: - get - list - apiGroups: - "" resources: - configmaps - endpoints - events - limitranges - namespaces - nodes - persistentvolumeclaims - persistentvolumes - pods - podtemplates - replicationcontrollers - resourcequotas - serviceaccounts - services verbs: - get - list - watch - apiGroups: - "" resources: - pods/log verbs: - get - apiGroups: - admissionregistration.k8s.io resources: - mutatingwebhookconfigurations - validatingwebhookconfigurations verbs: - get - list - watch - apiGroups: - apiextensions.k8s.io resources: - customresourcedefinitions verbs: - get - list - watch - apiGroups: - apiregistration.k8s.io resources: - apiservices verbs: - get - list - watch - apiGroups: - apiserver.openshift.io resources: - apirequestcounts verbs: - get - list - watch - apiGroups: - apps resources: - controllerrevisions - daemonsets - deployments - replicasets - statefulsets verbs: - get - list - watch - apiGroups: - apps.openshift.io resources: - deploymentconfigs verbs: - get - list - watch - apiGroups: - apps.openshift.io resources: - deploymentconfigs/log verbs: - get - apiGroups: - aro.openshift.io resources: - clusters verbs: - get - list - watch - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - authorization.k8s.io resources: - selfsubjectaccessreviews - selfsubjectrulesreviews - subjectaccessreviews verbs: - create - apiGroups: - authorization.openshift.io resources: - clusterrolebindings - clusterroles - rolebindings - roles verbs: - get - list - apiGroups: - authorization.openshift.io resources: - resourceaccessreviews - subjectaccessreviews verbs: - create - apiGroups: - authorization.openshift.io resources: - rolebindingrestrictions verbs: - get - list - watch - apiGroups: - autoscaling resources: - horizontalpodautoscalers verbs: - get - list - watch - apiGroups: - autoscaling.openshift.io resources: - clusterautoscalers - machineautoscalers verbs: - get - list - watch - apiGroups: - batch resources: - cronjobs - jobs verbs: - get - list - watch - apiGroups: - build.openshift.io resources: - buildconfigs - builds verbs: - get - list - watch - apiGroups: - build.openshift.io resources: - builds/log verbs: - get - apiGroups: - certificates.k8s.io resources: - certificatesigningrequests verbs: - get - list - watch - apiGroups: - cloud.network.openshift.io resources: - cloudprivateipconfigs verbs: - get - list - watch - apiGroups: - cloudcredential.openshift.io resources: - credentialsrequests verbs: - get - list - watch - apiGroups: - config.openshift.io resources: - apiservers - authentications - builds - clusteroperators - clusterversions - consoles - dnses - featuregates - imagecontentpolicies - images - infrastructures - ingresses - networks - nodes - oauths - operatorhubs - projects - proxies - schedulers verbs: - get - list - watch - apiGroups: - console.openshift.io resources: - consoleclidownloads - consoleexternalloglinks - consolelinks - consolenotifications - consoleplugins - consolequickstarts - consoleyamlsamples verbs: - get - list - watch - apiGroups: - controlplane.operator.openshift.io resources: - podnetworkconnectivitychecks verbs: - get - list - watch - apiGroups: - coordination.k8s.io resources: - leases verbs: - get - list - watch - apiGroups: - discovery.k8s.io resources: - endpointslices verbs: - get - list - watch - apiGroups: - events.k8s.io resources: - events verbs: - get - list - watch - apiGroups: - flowcontrol.apiserver.k8s.io resources: - flowschemas - prioritylevelconfigurations verbs: - get - list - watch - apiGroups: - helm.openshift.io resources: - helmchartrepositories - projecthelmchartrepositories verbs: - get - list - watch - apiGroups: - image.openshift.io resources: - images - imagestreams verbs: - get - list - watch - apiGroups: - image.openshift.io resources: - imagestreamimages verbs: - get - apiGroups: - image.openshift.io resources: - imagestreamtags - imagetags verbs: - get - list - apiGroups: - imageregistry.operator.openshift.io resources: - configs - imagepruners verbs: - get - list - watch - apiGroups: - ingress.operator.openshift.io resources: - dnsrecords verbs: - get - list - watch - apiGroups: - k8s.cni.cncf.io resources: - network-attachment-definitions verbs: - get - list - watch - apiGroups: - k8s.ovn.org resources: - egressfirewalls - egressips - egressqoses verbs: - get - list - watch - apiGroups: - machine.openshift.io resources: - machinehealthchecks - machines - machinesets - controlplanemachinesets verbs: - get - list - watch - apiGroups: - machineconfiguration.openshift.io resources: - containerruntimeconfigs - controllerconfigs - kubeletconfigs - machineconfigpools - machineconfigs verbs: - get - list - watch - apiGroups: - metrics.k8s.io resources: - nodes - pods verbs: - get - list - apiGroups: - migration.k8s.io resources: - storagestates - storageversionmigrations verbs: - get - list - watch - apiGroups: - monitoring.coreos.com resources: - alertmanagerconfigs - alertmanagers - podmonitors - probes - prometheuses - prometheusrules - servicemonitors - thanosrulers verbs: - get - list - watch - apiGroups: - network.operator.openshift.io resources: - egressrouters - operatorpkis verbs: - get - list - watch - apiGroups: - networking.k8s.io resources: - ingressclasses - ingresses - networkpolicies verbs: - get - list - watch - apiGroups: - node.k8s.io resources: - runtimeclasses verbs: - get - list - watch - apiGroups: - operator.openshift.io resources: - authentications - cloudcredentials - clustercsidrivers - configs - consoles - csisnapshotcontrollers - dnses - etcds - imagecontentsourcepolicies - ingresscontrollers - kubeapiservers - kubecontrollermanagers - kubeschedulers - kubestorageversionmigrators - networks - openshiftapiservers - openshiftcontrollermanagers - servicecas - storages verbs: - get - list - watch - apiGroups: - operators.coreos.com resources: - catalogsources - clusterserviceversions - installplans - olmconfigs - operatorconditions - operatorgroups - operators - subscriptions verbs: - get - list - watch - apiGroups: - packages.operators.coreos.com resources: - packagemanifests verbs: - get - list - apiGroups: - performance.openshift.io resources: - performanceprofiles verbs: - get - list - watch - apiGroups: - policy resources: - poddisruptionbudgets - podsecuritypolicies verbs: - get - list - watch - apiGroups: - preview.aro.openshift.io resources: - previewfeatures verbs: - get - list - watch - apiGroups: - project.openshift.io resources: - projectrequests verbs: - list - apiGroups: - project.openshift.io resources: - projects verbs: - get - list - watch - apiGroups: - quota.openshift.io resources: - appliedclusterresourcequotas verbs: - get - list - apiGroups: - quota.openshift.io resources: - clusterresourcequotas verbs: - get - list - watch - apiGroups: - rbac.authorization.k8s.io resources: - clusterrolebindings - clusterroles - rolebindings - roles verbs: - get - list - watch - apiGroups: - route.openshift.io resources: - routes verbs: - get - list - watch - apiGroups: - samples.operator.openshift.io resources: - configs verbs: - get - list - watch - apiGroups: - scheduling.k8s.io resources: - priorityclasses verbs: - get - list - watch - apiGroups: - security.internal.openshift.io resources: - rangeallocations verbs: - get - list - watch - apiGroups: - security.openshift.io resources: - rangeallocations - securitycontextconstraints verbs: - get - list - watch - apiGroups: - snapshot.storage.k8s.io resources: - volumesnapshotclasses - volumesnapshotcontents - volumesnapshots verbs: - get - list - watch - apiGroups: - storage.k8s.io resources: - csidrivers - csinodes - csistoragecapacities - storageclasses - volumeattachments verbs: - get - list - watch - apiGroups: - template.openshift.io resources: - brokertemplateinstances - templateinstances - templates verbs: - get - list - watch - apiGroups: - tuned.openshift.io resources: - profiles - tuneds verbs: - get - list - watch - apiGroups: - upgrade.managed.openshift.io resources: - upgradeconfigs verbs: - get - list - watch - apiGroups: - user.openshift.io resources: - groups - identities - users verbs: - get - list - watch - apiGroups: - user.openshift.io resources: - useridentitymappings verbs: - get - apiGroups: - whereabouts.cni.cncf.io resources: - ippools - overlappingrangeipreservations verbs: - get - list - watch - nonResourceURLs: - '*' verbs: - get