aboutsummaryrefslogtreecommitdiffstats
path: root/vnfs/DAaaS/00-init/rook-ceph/templates/role.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'vnfs/DAaaS/00-init/rook-ceph/templates/role.yaml')
-rw-r--r--vnfs/DAaaS/00-init/rook-ceph/templates/role.yaml35
1 files changed, 35 insertions, 0 deletions
diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/role.yaml b/vnfs/DAaaS/00-init/rook-ceph/templates/role.yaml
new file mode 100644
index 00000000..45122d32
--- /dev/null
+++ b/vnfs/DAaaS/00-init/rook-ceph/templates/role.yaml
@@ -0,0 +1,35 @@
+{{- if .Values.rbacEnable }}
+# The role for the operator to manage resources in the system namespace
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: Role
+metadata:
+ name: rook-ceph-system
+ labels:
+ operator: rook
+ storage-backend: ceph
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ - configmaps
+ verbs:
+ - get
+ - list
+ - watch
+ - patch
+ - create
+ - update
+ - delete
+- apiGroups:
+ - extensions
+ resources:
+ - daemonsets
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - delete
+{{- end }}