config/cnimanager/rbac/role.yaml (50 lines of code) (raw):
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cni-manager-role
rules:
- apiGroups:
- ""
resources:
- configmaps
- pods
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- egressgateway.kubernetes.azure.com
resources:
- podendpoints
verbs:
- create
- delete
- list
- patch
- update
- watch
- apiGroups:
- egressgateway.kubernetes.azure.com
resources:
- staticgatewayconfigurations
verbs:
- get
- list
- watch
- apiGroups:
- egressgateway.kubernetes.azure.com
resources:
- staticgatewayconfigurations/status
verbs:
- get