Skip to content

Commit

Permalink
provide users with appropriate access to resources
Browse files Browse the repository at this point in the history 
Users need access to a number of resources so that they can run scenarios.
  • Loading branch information
@mplsgrant
mplsgrant committed Sep 7, 2024
1 parent 7374699 commit 6371898
Show file tree
Hide file tree
Showing 3 changed files with 76 additions and 4 deletions.
26 changes: 25 additions & 1 deletion resources/charts/namespaces/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,32 @@ roles:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
verbs: ["get"]
- apiGroups: [""]
resources: ["configmaps", "secrets"]
verbs: ["get"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get"]
- name: pod-manager
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch", "create", "update", "delete"]
verbs: ["get", "list", "watch", "create", "delete", "update"]
- apiGroups: [""]
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
verbs: ["get", "create"]
- apiGroups: [""]
resources: ["configmaps", "secrets"]
verbs: ["get", "create"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get"]
2 changes: 1 addition & 1 deletion resources/namespaces/two_namespaces_two_users/namespace-defaults.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,5 +12,5 @@ roles:
- name: pod-manager
rules:
- apiGroups: [""]
resources: ["pods"]
resources: ["pods", "configmaps"]
verbs: ["get", "list", "watch", "create", "update", "delete"]
52 changes: 50 additions & 2 deletions resources/namespaces/two_namespaces_two_users/namespaces.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,35 @@ namespaces:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
verbs: ["get"]
- apiGroups: [""]
resources: ["configmaps", "secrets"]
verbs: ["get"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get"]
- name: pod-manager
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch", "create", "update", "delete"]
verbs: ["get", "list", "watch", "create", "delete", "update"]
- apiGroups: [""]
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
verbs: ["get", "create"]
- apiGroups: [""]
resources: ["configmaps", "secrets"]
verbs: ["get", "create"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get"]
- name: warnet-blue-team
users:
- name: mallory
Expand All @@ -34,8 +58,32 @@ namespaces:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
verbs: ["get"]
- apiGroups: [""]
resources: ["configmaps", "secrets"]
verbs: ["get"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get"]
- name: pod-manager
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch", "create", "update", "delete"]
verbs: ["get", "list", "watch", "create", "delete", "update"]
- apiGroups: [""]
resources: ["pods/log", "pods/exec", "pods/attach", "pods/portforward"]
verbs: ["get", "create"]
- apiGroups: [""]
resources: ["configmaps", "secrets"]
verbs: ["get", "create"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["events"]
verbs: ["get"]

0 comments on commit 6371898

Please sign in to comment.