Files
kubesphere/config/ks-core/templates/clusterroles.yaml
KubeSphere CI Bot 447a51f08b feat: kubesphere 4.0 (#6115)
* feat: kubesphere 4.0

Signed-off-by: ci-bot <ci-bot@kubesphere.io>

* feat: kubesphere 4.0

Signed-off-by: ci-bot <ci-bot@kubesphere.io>

---------

Signed-off-by: ci-bot <ci-bot@kubesphere.io>
Co-authored-by: ks-ci-bot <ks-ci-bot@example.com>
Co-authored-by: joyceliu <joyceliu@yunify.com>
2024-09-06 11:05:52 +08:00

56 lines
1.3 KiB
YAML

apiVersion: iam.kubesphere.io/v1beta1
kind: ClusterRole
metadata:
annotations:
kubesphere.io/creator: system
kubesphere.io/description: '{"zh": "管理集群中的所有资源。", "en": "Manage all resources in the cluster."}'
iam.kubesphere.io/auto-aggregate: "true"
name: cluster-admin
aggregationRoleTemplates:
roleSelector:
matchLabels:
iam.kubesphere.io/scope: "cluster"
templateNames: []
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
- nonResourceURLs:
- '*'
verbs:
- '*'
---
apiVersion: iam.kubesphere.io/v1beta1
kind: ClusterRole
metadata:
annotations:
kubesphere.io/creator: system
kubesphere.io/description: '{"zh": "查看集群中的所有资源。", "en": "View all resources in the cluster."}'
iam.kubesphere.io/auto-aggregate: "true"
name: cluster-viewer
aggregationRoleTemplates:
roleSelector:
matchLabels:
iam.kubesphere.io/aggregate-to-cluster-viewer: ""
templateNames:
- cluster-view-components
- cluster-view-volume-snapshot-classes
- cluster-view-volumes
- cluster-view-roles
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- get
- list
- watch
- nonResourceURLs:
- '*'
verbs:
- GET