github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-22 11:21:47 +00:00
Code Issues Projects Releases Wiki Activity

Allow write on events to edit role

Browse Source 
Signed-off-by: Tomas Coufal <tcoufal@redhat.com>
This commit is contained in:
Tomas Coufal 2021-06-14 22:51:06 +02:00
parent 28e0c4f5d1
commit 44cb4a63f6
No known key found for this signature in database
GPG Key ID: 11744BE7B97A9C31
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go
View File

@ -285,7 +285,7 @@ func ClusterRoles() []rbacv1.ClusterRole {
rbacv1helpers.NewRule(Write...).Groups(legacyGroup).Resources("pods", "pods/attach", "pods/proxy", "pods/exec", "pods/portforward").RuleOrDie(),
rbacv1helpers.NewRule(Write...).Groups(legacyGroup).Resources("replicationcontrollers", "replicationcontrollers/scale", "serviceaccounts",
"services", "services/proxy", "endpoints", "persistentvolumeclaims", "configmaps", "secrets").RuleOrDie(),
"services", "services/proxy", "endpoints", "persistentvolumeclaims", "configmaps", "secrets", "events").RuleOrDie(),
rbacv1helpers.NewRule(Write...).Groups(discoveryGroup).Resources("endpointslices").RuleOrDie(),

1
plugin/pkg/auth/authorizer/rbac/bootstrappolicy/testdata/cluster-roles.yaml vendored
View File

@ -129,6 +129,7 @@ items:
resources:
- configmaps
- endpoints
- events
- persistentvolumeclaims
- replicationcontrollers
- replicationcontrollers/scale