github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

RBAC for TTL controller

Browse Source
This commit is contained in:
Wojciech Tyczynski
2017-02-01 11:58:34 +01:00
parent 6c0535a939
commit bc2849b644
3 changed files with 47 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go
View File

@@ -264,6 +264,13 @@ func init() {
eventsRule(),
},
})
addControllerRole(rbac.ClusterRole{
ObjectMeta: metav1.ObjectMeta{Name: saRolePrefix + "ttl-controller"},
Rules: []rbac.PolicyRule{
rbac.NewRule("update", "patch", "list", "watch").Groups(legacyGroup).Resources("nodes").RuleOrDie(),
eventsRule(),
},
})
addControllerRole(rbac.ClusterRole{
ObjectMeta: metav1.ObjectMeta{Name: saRolePrefix + "certificate-controller"},
Rules: []rbac.PolicyRule{