-
Sören Henning authoredCo-authored-by:
Simon Ehrenstein <simon.ehrenstein@gmail.com> Co-authored-by:
Benedikt Wetzel <stu126940@mail.uni-kiel.de>
Sören Henning authoredCo-authored-by:
operator-role.yaml 1.18 KiB
{{- if not (index .Values "kube-prometheus-stack" "global" "rbac" "create") -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ template "theodolite.fullname" . }}-kube-prometheus-operator
labels:
app: {{ template "theodolite.name" . }}-kube-prometheus-operator
rules:
- apiGroups:
- monitoring.coreos.com
resources:
- alertmanagers
- alertmanagers/finalizers
- alertmanagerconfigs
- prometheuses
- prometheuses/finalizers
- thanosrulers
- thanosrulers/finalizers
- servicemonitors
- podmonitors
- probes
- prometheusrules
verbs:
- '*'
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- '*'
- apiGroups:
- ""
resources:
- configmaps
- secrets
verbs:
- '*'
- apiGroups:
- ""
resources:
- pods
verbs:
- list
- delete
- apiGroups:
- ""
resources:
- services
- services/finalizers
- endpoints
verbs:
- get
- create
- update
- delete
- apiGroups:
- ""
resources:
- nodes
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- namespaces
verbs:
- get
- list
- watch- apiGroups:
- networking.k8s.io
resources:
- ingresses
verbs:
- get
- list
- watch
{{- end }}