| Mohammed Naser | 65cda13 | 2024-05-02 14:34:08 -0400 | [diff] [blame] | 1 | {{- if .Values.rbacAggregate.enableOBCs }} |
| 2 | apiVersion: rbac.authorization.k8s.io/v1 |
| 3 | kind: ClusterRole |
| 4 | metadata: |
| 5 | name: rook-ceph-obc-view |
| 6 | labels: |
| 7 | rbac.authorization.k8s.io/aggregate-to-view: "true" |
| 8 | rules: |
| 9 | - apiGroups: |
| 10 | - objectbucket.io |
| 11 | resources: |
| 12 | - objectbucketclaims |
| 13 | verbs: |
| 14 | - get |
| 15 | - list |
| 16 | - watch |
| 17 | --- |
| 18 | apiVersion: rbac.authorization.k8s.io/v1 |
| 19 | kind: ClusterRole |
| 20 | metadata: |
| 21 | name: rook-ceph-obc-edit |
| 22 | labels: |
| 23 | rbac.authorization.k8s.io/aggregate-to-edit: "true" |
| 24 | rules: |
| 25 | - apiGroups: |
| 26 | - objectbucket.io |
| 27 | resources: |
| 28 | - objectbucketclaims |
| 29 | verbs: |
| 30 | - create |
| 31 | - delete |
| 32 | - deletecollection |
| 33 | - patch |
| 34 | - update |
| 35 | {{- end }} |