Created
October 26, 2021 13:50
-
-
Save lamw/f66f1ca6c059b2852f03adb0d627abf2 to your computer and use it in GitHub Desktop.
vSphere w/Tanzu ClusterRole Edit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@42294959c845d4be8507807dd2d100d0 [ ~ ]# k get clusterrole edit -o yaml | |
| aggregationRule: | |
| clusterRoleSelectors: | |
| - matchLabels: | |
| rbac.authorization.k8s.io/aggregate-to-edit: "true" | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRole | |
| metadata: | |
| annotations: | |
| rbac.authorization.kubernetes.io/autoupdate: "true" | |
| creationTimestamp: "2021-10-24T17:28:03Z" | |
| labels: | |
| kubernetes.io/bootstrapping: rbac-defaults | |
| rbac.authorization.k8s.io/aggregate-to-admin: "true" | |
| name: edit | |
| resourceVersion: "2248" | |
| selfLink: /apis/rbac.authorization.k8s.io/v1/clusterroles/edit | |
| uid: ca243abd-4c52-4dc6-bfd5-08d44535b90c | |
| rules: | |
| - apiGroups: | |
| - cert-manager.io | |
| resources: | |
| - certificates | |
| - certificaterequests | |
| - issuers | |
| verbs: | |
| - create | |
| - delete | |
| - deletecollection | |
| - patch | |
| - update | |
| - apiGroups: | |
| - cert-manager.io | |
| resources: | |
| - certificates | |
| - certificaterequests | |
| - issuers | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - pods/attach | |
| - pods/exec | |
| - pods/portforward | |
| - pods/proxy | |
| - secrets | |
| - services/proxy | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - serviceaccounts | |
| verbs: | |
| - impersonate | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - pods | |
| - pods/attach | |
| - pods/exec | |
| - pods/portforward | |
| - pods/proxy | |
| verbs: | |
| - create | |
| - delete | |
| - deletecollection | |
| - patch | |
| - update | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - configmaps | |
| - endpoints | |
| - persistentvolumeclaims | |
| - replicationcontrollers | |
| - replicationcontrollers/scale | |
| - secrets | |
| - serviceaccounts | |
| - services | |
| - services/proxy | |
| verbs: | |
| - create | |
| - delete | |
| - deletecollection | |
| - patch | |
| - update | |
| - apiGroups: | |
| - apps | |
| resources: | |
| - daemonsets | |
| - deployments | |
| - deployments/rollback | |
| - deployments/scale | |
| - replicasets | |
| - replicasets/scale | |
| - statefulsets | |
| - statefulsets/scale | |
| verbs: | |
| - create | |
| - delete | |
| - deletecollection | |
| - patch | |
| - update | |
| - apiGroups: | |
| - autoscaling | |
| resources: | |
| - horizontalpodautoscalers | |
| verbs: | |
| - create | |
| - delete | |
| - deletecollection | |
| - patch | |
| - update | |
| - apiGroups: | |
| - batch | |
| resources: | |
| - cronjobs | |
| - jobs | |
| verbs: | |
| - create | |
| - delete | |
| - deletecollection | |
| - patch | |
| - update | |
| - apiGroups: | |
| - extensions | |
| resources: | |
| - daemonsets | |
| - deployments | |
| - deployments/rollback | |
| - deployments/scale | |
| - ingresses | |
| - networkpolicies | |
| - replicasets | |
| - replicasets/scale | |
| - replicationcontrollers/scale | |
| verbs: | |
| - create | |
| - delete | |
| - deletecollection | |
| - patch | |
| - update | |
| - apiGroups: | |
| - policy | |
| resources: | |
| - poddisruptionbudgets | |
| verbs: | |
| - create | |
| - delete | |
| - deletecollection | |
| - patch | |
| - update | |
| - apiGroups: | |
| - networking.k8s.io | |
| resources: | |
| - ingresses | |
| - networkpolicies | |
| verbs: | |
| - create | |
| - delete | |
| - deletecollection | |
| - patch | |
| - update | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - configmaps | |
| - endpoints | |
| - persistentvolumeclaims | |
| - persistentvolumeclaims/status | |
| - pods | |
| - replicationcontrollers | |
| - replicationcontrollers/scale | |
| - serviceaccounts | |
| - services | |
| - services/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - bindings | |
| - events | |
| - limitranges | |
| - namespaces/status | |
| - pods/log | |
| - pods/status | |
| - replicationcontrollers/status | |
| - resourcequotas | |
| - resourcequotas/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - namespaces | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - apps | |
| resources: | |
| - controllerrevisions | |
| - daemonsets | |
| - daemonsets/status | |
| - deployments | |
| - deployments/scale | |
| - deployments/status | |
| - replicasets | |
| - replicasets/scale | |
| - replicasets/status | |
| - statefulsets | |
| - statefulsets/scale | |
| - statefulsets/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - autoscaling | |
| resources: | |
| - horizontalpodautoscalers | |
| - horizontalpodautoscalers/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - batch | |
| resources: | |
| - cronjobs | |
| - cronjobs/status | |
| - jobs | |
| - jobs/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - extensions | |
| resources: | |
| - daemonsets | |
| - daemonsets/status | |
| - deployments | |
| - deployments/scale | |
| - deployments/status | |
| - ingresses | |
| - ingresses/status | |
| - networkpolicies | |
| - replicasets | |
| - replicasets/scale | |
| - replicasets/status | |
| - replicationcontrollers/scale | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - policy | |
| resources: | |
| - poddisruptionbudgets | |
| - poddisruptionbudgets/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - networking.k8s.io | |
| resources: | |
| - ingresses | |
| - ingresses/status | |
| - networkpolicies | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - netoperator.vmware.com | |
| resources: | |
| - networks | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - netoperator.vmware.com | |
| resources: | |
| - networks/status | |
| verbs: | |
| - get | |
| - apiGroups: | |
| - run.tanzu.vmware.com | |
| resources: | |
| - tanzukubernetesclusters | |
| - tkgserviceconfigurations | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - run.tanzu.vmware.com | |
| resources: | |
| - tanzukubernetesclusters/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - cluster.x-k8s.io | |
| resources: | |
| - clusters | |
| - machines | |
| - machineclasses | |
| - machinedeployments | |
| - machinesets | |
| - machinehealthchecks | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - cluster.x-k8s.io | |
| resources: | |
| - clusters/status | |
| - machines/status | |
| - machineclasses/status | |
| - machinedeployments/status | |
| - machinesets/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - controlplane.cluster.x-k8s.io | |
| resources: | |
| - kubeadmcontrolplanes | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - controlplane.cluster.x-k8s.io | |
| resources: | |
| - kubeadmcontrolplanes/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - bootstrap.cluster.x-k8s.io | |
| resources: | |
| - kubeadmconfigs | |
| - kubeadmconfigtemplates | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - infrastructure.cluster.vmware.com | |
| resources: | |
| - wcpclusters | |
| - wcpmachines | |
| - wcpmachinetemplates | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - vmoperator.vmware.com | |
| resources: | |
| - virtualmachines | |
| - virtualmachines/status | |
| - virtualmachineimages | |
| - virtualmachineimages/status | |
| - virtualmachineservices | |
| - virtualmachineservices/status | |
| - virtualmachineclasses | |
| - virtualmachineclasses/status | |
| - virtualmachinesetresourcepolicies | |
| - virtualmachinesetresourcepolicies/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - licenseoperator.vmware.com | |
| resources: | |
| - kuberneteslicenses | |
| - kuberneteslicenses/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - appplatform.wcp.vmware.com | |
| resources: | |
| - supervisorservicedefinitions | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - appplatform.wcp.vmware.com | |
| resources: | |
| - supervisorservicedefinitions/status | |
| verbs: | |
| - get | |
| - apiGroups: | |
| - appplatform.wcp.vmware.com | |
| resources: | |
| - supervisorservices | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - appplatform.wcp.vmware.com | |
| resources: | |
| - supervisorservices/status | |
| verbs: | |
| - get | |
| - apiGroups: | |
| - vmoperator.vmware.com | |
| resources: | |
| - contentlibraryproviders | |
| - contentsources | |
| - contentsourcebindings | |
| - virtualmachineclasses | |
| - virtualmachineclassbindings | |
| - virtualmachineimages | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - rbac.authorization.k8s.io | |
| resources: | |
| - rolebindings | |
| - roles | |
| verbs: | |
| - create | |
| - delete | |
| - deletecollection | |
| - get | |
| - list | |
| - patch | |
| - update | |
| - watch | |
| - apiGroups: | |
| - run.tanzu.vmware.com | |
| resources: | |
| - tanzukubernetesclusters | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - create | |
| - update | |
| - patch | |
| - delete | |
| - apiGroups: | |
| - run.tanzu.vmware.com | |
| resources: | |
| - tanzukubernetesclusters/status | |
| verbs: | |
| - get | |
| - update | |
| - patch | |
| - apiGroups: | |
| - run.tanzu.vmware.com | |
| resources: | |
| - tkgserviceconfigurations | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - patch | |
| - update | |
| - apiGroups: | |
| - cluster.x-k8s.io | |
| resources: | |
| - clusters | |
| - machineclasses | |
| - machinedeployments | |
| - machinesets | |
| - machinehealthchecks | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - cluster.x-k8s.io | |
| resources: | |
| - machines | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - delete | |
| - apiGroups: | |
| - cluster.x-k8s.io | |
| resources: | |
| - clusters/status | |
| - machines/status | |
| - machineclasses/status | |
| - machinedeployments/status | |
| - machinesets/status | |
| - machinehealthchecks/status | |
| verbs: | |
| - get | |
| - apiGroups: | |
| - controlplane.cluster.x-k8s.io | |
| resources: | |
| - kubeadmcontrolplanes/status | |
| verbs: | |
| - get | |
| - apiGroups: | |
| - vmoperator.vmware.com | |
| resources: | |
| - virtualmachines | |
| - virtualmachines/status | |
| - virtualmachineimages | |
| - virtualmachineimages/status | |
| - virtualmachineservices | |
| - virtualmachineservices/status | |
| - virtualmachinesetresourcepolicies | |
| - virtualmachinesetresourcepolicies/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - vmoperator.vmware.com | |
| resources: | |
| - virtualmachineclasses | |
| - virtualmachineclasses/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - cns.vmware.com | |
| resources: | |
| - cnsnodevmattachments | |
| - cnsnodevmattachments/status | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - installers.tmc.cloud.vmware.com | |
| resources: | |
| - agentinstalls | |
| - agentinstalls/status | |
| verbs: | |
| - '*' | |
| - apiGroups: | |
| - vmoperator.vmware.com | |
| resources: | |
| - virtualmachines | |
| - virtualmachineservices | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - create | |
| - update | |
| - patch | |
| - delete |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment