Skip to content
Gregory Nickonov edited this page Apr 2, 2019 · 1 revision

Quick start

R.role :watcher do
  add_rule do
    api_groups '*'
    resources :configmaps, :secrets, :pods, :replicationcontrollers
    verbs :get, :list
  end
end

Create Role and add rule that gives permissions to list, inspect and watch specified resources.

Role

Kubernetes Documentation

Sunstone property Kubernetes property Type
metadata metadata Kubernetes Object Metadata
rules rules Array of PolicyRule

add_rule

Helper that creates the rule, optionally initializes it with the provided block and then returns it for future use:

add_rule do
  api_groups '*'
  resources :configmaps, :secrets
  verbs :get, :list
end
Clone this wiki locally