dotfiles/terranix/main/kubernetes/generated/istio-istiod/default.ClusterRole.istio-reader-clusterrole-1-20-2-istio-system.nix

69 lines
1.8 KiB
Nix
Raw Normal View History

{
apiVersion = "rbac.authorization.k8s.io/v1";
kind = "ClusterRole";
metadata = {
labels = {
app = "istio-reader";
release = "istio-istiod";
};
name = "istio-reader-clusterrole-1-20-2-istio-system";
};
rules = [
{
apiGroups = ["config.istio.io" "security.istio.io" "networking.istio.io" "authentication.istio.io" "rbac.istio.io"];
resources = ["*"];
verbs = ["get" "list" "watch"];
}
{
apiGroups = [""];
resources = ["endpoints" "pods" "services" "nodes" "replicationcontrollers" "namespaces" "secrets"];
verbs = ["get" "list" "watch"];
}
{
apiGroups = ["networking.istio.io"];
resources = ["workloadentries"];
verbs = ["get" "watch" "list"];
}
{
apiGroups = ["networking.x-k8s.io" "gateway.networking.k8s.io"];
resources = ["gateways"];
verbs = ["get" "watch" "list"];
}
{
apiGroups = ["apiextensions.k8s.io"];
resources = ["customresourcedefinitions"];
verbs = ["get" "list" "watch"];
}
{
apiGroups = ["discovery.k8s.io"];
resources = ["endpointslices"];
verbs = ["get" "list" "watch"];
}
{
apiGroups = ["multicluster.x-k8s.io"];
resources = ["serviceexports"];
verbs = ["get" "list" "watch" "create" "delete"];
}
{
apiGroups = ["multicluster.x-k8s.io"];
resources = ["serviceimports"];
verbs = ["get" "list" "watch"];
}
{
apiGroups = ["apps"];
resources = ["replicasets"];
verbs = ["get" "list" "watch"];
}
{
apiGroups = ["authentication.k8s.io"];
resources = ["tokenreviews"];
verbs = ["create"];
}
{
apiGroups = ["authorization.k8s.io"];
resources = ["subjectaccessreviews"];
verbs = ["create"];
}
];
}