ZeroDownTime/KubeZero
3
0
Fork 0
Code Issues 1 Pull Requests 25 Packages Projects Releases Wiki Activity
KubeZero/charts/kubezero-storage/charts/aws-ebs-csi-driver/templates/clusterrole-resizer.yaml

41 lines
1.3 KiB
YAML
Raw Blame History

{{- if not .Values.nodeComponentOnly -}}
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: ebs-external-resizer-role
labels:
{{- include "aws-ebs-csi-driver.labels" . | nindent 4 }}
# Do not modify the rules below manually, see `make update-sidecar-dependencies`
# BEGIN AUTOGENERATED RULES
rules:
# The following rule should be uncommented for plugins that require secrets
# for provisioning.
# - apiGroups: [""]
# resources: ["secrets"]
# verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "patch"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["persistentvolumeclaims/status"]
verbs: ["patch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["list", "watch", "create", "update", "patch"]
# only required if enabling the alpha volume modify feature
- apiGroups: ["storage.k8s.io"]
resources: ["volumeattributesclasses"]
verbs: ["get", "list", "watch"]
# END AUTOGENERATED RULES
{{- with .Values.sidecars.resizer.additionalClusterRoleRules }}
{{- . | toYaml | nindent 2 }}
{{- end }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink