Skip to content

Instantly share code, notes, and snippets.

@praveen4g0

praveen4g0/role.yaml

Last active April 22, 2020 12:41
Show Gist options
  • Save praveen4g0/26a84e12cf9a7ba035d42c2b46e1dcc0 to your computer and use it in GitHub Desktop.
Save praveen4g0/26a84e12cf9a7ba035d42c2b46e1dcc0 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: view
namespace: openshift-pipelines
rules:
- verbs:
- get
- list
- watch
apiGroups:
- operators.coreos.com
resources:
- clusterserviceversions
- catalogsources
- installplans
- subscriptions
- operatorgroups
- verbs:
- get
- list
- watch
apiGroups:
- packages.operators.coreos.com
resources:
- packagemanifests
- packagemanifests/icon
- verbs:
- get
apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
resourceNames:
- config.operator.tekton.dev
- verbs:
- get
- list
- watch
apiGroups:
- operator.tekton.dev
resources:
- config
- verbs:
- get
- list
- watch
apiGroups:
- packages.operators.coreos.com
resources:
- packagemanifests
- verbs:
- get
- list
- watch
apiGroups:
- ''
- image.openshift.io
resources:
- imagestreamimages
- imagestreammappings
- imagestreams
- imagestreamtags
- imagetags
- verbs:
- get
apiGroups:
- ''
- image.openshift.io
resources:
- imagestreams/layers
- verbs:
- get
apiGroups:
- ''
resources:
- namespaces
- verbs:
- get
apiGroups:
- ''
- project.openshift.io
resources:
- projects
- verbs:
- get
- list
- watch
apiGroups:
- ''
resources:
- configmaps
- endpoints
- persistentvolumeclaims
- persistentvolumeclaims/status
- pods
- replicationcontrollers
- replicationcontrollers/scale
- serviceaccounts
- services
- services/status
- verbs:
- get
- list
- watch
apiGroups:
- ''
resources:
- bindings
- events
- limitranges
- namespaces/status
- pods/log
- pods/status
- replicationcontrollers/status
- resourcequotas
- resourcequotas/status
- verbs:
- get
- list
- watch
apiGroups:
- ''
resources:
- namespaces
- verbs:
- get
- list
- watch
apiGroups:
- apps
resources:
- controllerrevisions
- daemonsets
- daemonsets/status
- deployments
- deployments/scale
- deployments/status
- replicasets
- replicasets/scale
- replicasets/status
- statefulsets
- statefulsets/scale
- statefulsets/status
- verbs:
- get
- list
- watch
apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
- horizontalpodautoscalers/status
- verbs:
- get
- list
- watch
apiGroups:
- batch
resources:
- cronjobs
- cronjobs/status
- jobs
- jobs/status
- verbs:
- get
- list
- watch
apiGroups:
- extensions
resources:
- daemonsets
- daemonsets/status
- deployments
- deployments/scale
- deployments/status
- ingresses
- ingresses/status
- networkpolicies
- replicasets
- replicasets/scale
- replicasets/status
- replicationcontrollers/scale
- verbs:
- get
- list
- watch
apiGroups:
- policy
resources:
- poddisruptionbudgets
- poddisruptionbudgets/status
- verbs:
- get
- list
- watch
apiGroups:
- networking.k8s.io
resources:
- ingresses
- ingresses/status
- networkpolicies
- verbs:
- get
- list
- watch
apiGroups:
- metrics.k8s.io
resources:
- pods
- nodes
- verbs:
- get
- list
- watch
apiGroups:
- ''
- build.openshift.io
resources:
- buildconfigs
- buildconfigs/webhooks
- builds
- verbs:
- get
- list
- watch
apiGroups:
- ''
- build.openshift.io
resources:
- builds/log
- verbs:
- view
apiGroups:
- build.openshift.io
resources:
- jenkins
- verbs:
- get
- list
- watch
apiGroups:
- ''
- apps.openshift.io
resources:
- deploymentconfigs
- deploymentconfigs/scale
- verbs:
- get
- list
- watch
apiGroups:
- ''
- apps.openshift.io
resources:
- deploymentconfigs/log
- deploymentconfigs/status
- verbs:
- get
- list
- watch
apiGroups:
- ''
- image.openshift.io
resources:
- imagestreams/status
- verbs:
- get
- list
- watch
apiGroups:
- ''
- quota.openshift.io
resources:
- appliedclusterresourcequotas
- verbs:
- get
- list
- watch
apiGroups:
- ''
- route.openshift.io
resources:
- routes
- verbs:
- get
- list
- watch
apiGroups:
- ''
- route.openshift.io
resources:
- routes/status
- verbs:
- get
- list
- watch
apiGroups:
- ''
- template.openshift.io
resources:
- processedtemplates
- templateconfigs
- templateinstances
- templates
- verbs:
- get
- list
- watch
apiGroups:
- ''
- build.openshift.io
resources:
- buildlogs
- verbs:
- get
- list
- watch
apiGroups:
- ''
resources:
- resourcequotausages
- verbs:
- get
- list
- watch
apiGroups:
- tekton.dev
resources:
- tasks
- taskruns
- pipelines
- pipelineruns
- pipelineresources
- conditions
- verbs:
- get
- list
- watch
apiGroups:
- tekton.dev
resources:
- clustertasks
- verbs:
- get
- list
- watch
apiGroups:
- tekton.dev
resources:
- clustertriggerbindings
- eventlisteners
- triggerbindings
- triggertemplates
- verbs:
- get
- list
- watch
apiGroups:
- triggers.tekton.dev
resources:
- clustertriggerbindings
- eventlisteners
- triggerbindings
- triggertemplates
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: view-1
namespace: openshift-pipelines
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: view
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: User
name: user1
namespace: openshift-pipelines
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment