give nodes update/delete permissions

This commit is contained in:
Jordan Liggitt 2017-02-13 13:14:47 -05:00
parent 95badd95ce
commit 967d4fb5f7
No known key found for this signature in database
GPG Key ID: 24E7ADF9A3B42012
2 changed files with 9 additions and 0 deletions

View File

@ -192,6 +192,7 @@ func ClusterRoles() []rbac.ClusterRole {
rbac.NewRule("create", "get", "list", "watch").Groups(legacyGroup).Resources("nodes").RuleOrDie(),
// TODO: restrict to the bound node once supported
rbac.NewRule("update", "patch").Groups(legacyGroup).Resources("nodes/status").RuleOrDie(),
rbac.NewRule("update", "patch", "delete").Groups(legacyGroup).Resources("nodes").RuleOrDie(),
// TODO: restrict to the bound node as creator once supported
rbac.NewRule("create", "update", "patch").Groups(legacyGroup).Resources("events").RuleOrDie(),

View File

@ -541,6 +541,14 @@ items:
verbs:
- patch
- update
- apiGroups:
- ""
resources:
- nodes
verbs:
- delete
- patch
- update
- apiGroups:
- ""
resources: