447a51f08b
* feat: kubesphere 4.0 Signed-off-by: ci-bot <ci-bot@kubesphere.io> * feat: kubesphere 4.0 Signed-off-by: ci-bot <ci-bot@kubesphere.io> --------- Signed-off-by: ci-bot <ci-bot@kubesphere.io> Co-authored-by: ks-ci-bot <ks-ci-bot@example.com> Co-authored-by: joyceliu <joyceliu@yunify.com>
56 lines
1.3 KiB
YAML
56 lines
1.3 KiB
YAML
apiVersion: iam.kubesphere.io/v1beta1
|
|
kind: ClusterRole
|
|
metadata:
|
|
annotations:
|
|
kubesphere.io/creator: system
|
|
kubesphere.io/description: '{"zh": "管理集群中的所有资源。", "en": "Manage all resources in the cluster."}'
|
|
iam.kubesphere.io/auto-aggregate: "true"
|
|
name: cluster-admin
|
|
aggregationRoleTemplates:
|
|
roleSelector:
|
|
matchLabels:
|
|
iam.kubesphere.io/scope: "cluster"
|
|
templateNames: []
|
|
rules:
|
|
- apiGroups:
|
|
- '*'
|
|
resources:
|
|
- '*'
|
|
verbs:
|
|
- '*'
|
|
- nonResourceURLs:
|
|
- '*'
|
|
verbs:
|
|
- '*'
|
|
|
|
---
|
|
apiVersion: iam.kubesphere.io/v1beta1
|
|
kind: ClusterRole
|
|
metadata:
|
|
annotations:
|
|
kubesphere.io/creator: system
|
|
kubesphere.io/description: '{"zh": "查看集群中的所有资源。", "en": "View all resources in the cluster."}'
|
|
iam.kubesphere.io/auto-aggregate: "true"
|
|
name: cluster-viewer
|
|
aggregationRoleTemplates:
|
|
roleSelector:
|
|
matchLabels:
|
|
iam.kubesphere.io/aggregate-to-cluster-viewer: ""
|
|
templateNames:
|
|
- cluster-view-components
|
|
- cluster-view-volume-snapshot-classes
|
|
- cluster-view-volumes
|
|
- cluster-view-roles
|
|
rules:
|
|
- apiGroups:
|
|
- '*'
|
|
resources:
|
|
- '*'
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- nonResourceURLs:
|
|
- '*'
|
|
verbs:
|
|
- GET |