-
Notifications
You must be signed in to change notification settings - Fork 1
ClusterRole
R.cluster_role :watcher do
add_rule do
api_groups '*'
resources :configmaps, :secrets, :pods, :replicationcontrollers
verbs :get, :list
end
end
Create ClusterRole and add rule that gives permissions to list, inspect and watch specified resources.
Sunstone property | Kubernetes property | Type |
---|---|---|
metadata | metadata | Kubernetes Object Metadata |
aggregation_rule | aggregationRule | AggregationRule |
rules | rules | Array of PolicyRule |
Helper that creates the rule, optionally initializes it with the provided block and then returns it for future use:
add_rule do
api_groups '*'
resources :configmaps, :secrets
verbs :get, :list
end
Sunstone property | Kubernetes property | Type |
---|---|---|
cluster_role_selectors | clusterRoleSelectors | Array of LabelSelector |
Sunstone property | Kubernetes property | Type |
---|---|---|
api_groups | apiGroups | Array of String |
non_resource_urls | nonResourceURLs | Array of String |
resource_names | resourceNames | Array of String |
resources | resources | Array of String |
verbs | verbs | Array of String |
If used without arguments, api_groups
and api_group
helpers return current list of API groups set for the rule. Passing list of arguments adds that list to the existing list of API groups:
api_groups :apps, :extensions
api_group '*'
If used without arguments, non_resource_urls
and non_resource_url
helpers return current list of non-resource URLs set for the rule. Passing list of arguments adds that list to the existing list of non-resource URLS:
non_resource_urls '/api', '/metrics'
non_resource_url '/api'
If used without arguments, resource_names
and resource_name
helpers return current list of resource names set for the rule. Passing list of arguments adds that list to the existing list of resource names:
resource_names :configmaps, :secrets
resource_name :pods
If used without arguments, resources
and resource
helpers return current list of resources set for the rule. Passing list of arguments adds that list to the existing list of resources:
resources :configmaps, :secrets
resource :pods
If used without arguments, verbs
and verb
helpers return current list of verbs set for the rule. Passing list of arguments adds that list to the existing list of verbs:
verbs :get, :list
verb :get