X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fcommon%2Froles-wrapper%2Ftemplates%2Frole.yaml;h=0be6c7bbd62fdd37e634cc0c895a5d97e18423b5;hb=17d63089a2dc5d36e3441eb4871faacf9d122cfe;hp=e2a84b41518ded7993aa5ccc82520616c0254c72;hpb=d0326d0c97e7708a3f550d5abe821d8320628bd8;p=oom.git

diff --git a/kubernetes/common/roles-wrapper/templates/role.yaml b/kubernetes/common/roles-wrapper/templates/role.yaml
index e2a84b4151..0be6c7bbd6 100644
--- a/kubernetes/common/roles-wrapper/templates/role.yaml
+++ b/kubernetes/common/roles-wrapper/templates/role.yaml
@@ -32,6 +32,7 @@ rules:
   resources:
   - pods
   - deployments
+  - deployments/status
   - jobs
   - jobs/status
   - statefulsets
@@ -52,6 +53,7 @@ rules:
   resources:
   - pods
   - deployments
+  - deployments/status
   - jobs
   - jobs/status
   - statefulsets
@@ -59,6 +61,7 @@ rules:
   - replicasets/status
   - daemonsets
   - secrets
+  - services
   verbs:
   - get
   - watch
@@ -68,6 +71,7 @@ rules:
   - apps
   resources:
   - statefulsets
+  - configmaps
   verbs:
   - patch
 - apiGroups:
@@ -76,6 +80,8 @@ rules:
   resources:
   - deployments
   - secrets
+  - services
+  - pods
   verbs:
   - create
 - apiGroups:
@@ -85,7 +91,8 @@ rules:
   - pods
   - persistentvolumeclaims
   - secrets
-  - deployment
+  - deployments
+  - services
   verbs:
   - delete
 - apiGroups:
@@ -95,6 +102,13 @@ rules:
   - pods/exec
   verbs:
   - create
+- apiGroups:
+  - cert-manager.io
+  resources:
+  - certificates
+  verbs:
+  - create
+  - delete
 {{-     else }}
 # if you don't match read or create, then you're not allowed to use API
 # except to see basic information about yourself