# permissions for end users to view azurefirewallrules. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: azurefirewallrules-viewer-role rules: - apiGroups: - egress.azure-firewall-egress-controller.io resources: - azurefirewallrules verbs: - get - list - watch - apiGroups: - egress.azure-firewall-egress-controller.io resources: - azurefirewallrules/status verbs: - get