Skip to content
This repository has been archived by the owner on Oct 10, 2023. It is now read-only.

Commit

Permalink
Add permissions required by VsphereCPIConfig and VSphereCSIConfig con…
Browse files Browse the repository at this point in the history
…troller to create ClusterRole for CAPV to reconcile ProviderServiceAccount

Signed-off-by: Shyaam Nagarajan <nagarajans@vmware.com>
  • Loading branch information
shyaamsn committed Jun 7, 2022
1 parent 1686a44 commit 304725c
Showing 1 changed file with 93 additions and 0 deletions.
93 changes: 93 additions & 0 deletions packages/addons-manager/bundle/config/upstream/addons-manager.yaml
Original file line number Diff line number Diff line change
@@ -114,6 +114,99 @@ rules:
- watch
- update
- patch
#! permissions required by VsphereCPIConfig and VSphereCSIConfig controller to create ClusterRole for CAPV to reconcile ProviderServiceAccount
- apiGroups:
- vmoperator.vmware.com
resources:
- virtualmachineservices
- virtualmachineservices/status
verbs:
- get
- create
- update
- patch
- delete
- apiGroups:
- vmoperator.vmware.com
resources:
- virtualmachines
- virtualmachines/status
verbs:
- get
- list
- watch
- update
- patch
- apiGroups:
- nsx.vmware.com
resources:
- ippools
- ippools/status
verbs:
- get
- create
- update
- list
- patch
- delete
- watch
- apiGroups:
- nsx.vmware.com
resources:
- routesets
- routesets/status
verbs:
- get
- create
- update
- list
- patch
- delete
- apiGroups:
- cns.vmware.com
resources:
- cnsvolumemetadatas
- cnsfileaccessconfigs
verbs:
- get
- list
- watch
- update
- create
- delete
- apiGroups:
- cns.vmware.com
resources:
- cnscsisvfeaturestates
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- get
- list
- watch
- update
- create
- delete
- apiGroups:
- ""
resources:
- persistentvolumeclaims/status
verbs:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- list
#! permissions are required for addons-manager to create/update resources in the ProviderRef which are dynamic.
- apiGroups: ['*']
resources: ['*']

0 comments on commit 304725c

Please # to comment.