X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fcommon%2Froles-wrapper%2Ftemplates%2Frole.yaml;h=3438b6e36eaeacdd95067dfbc602c44cb3f28100;hb=822bcb4bb6fb2c9e14892da2cfd37e4b4e8125df;hp=e2a84b41518ded7993aa5ccc82520616c0254c72;hpb=f4527b94897c02c763f11e4013dbbe9b3a821061;p=oom.git

diff --git a/kubernetes/common/roles-wrapper/templates/role.yaml b/kubernetes/common/roles-wrapper/templates/role.yaml
index e2a84b4151..3438b6e36e 100644
--- a/kubernetes/common/roles-wrapper/templates/role.yaml
+++ b/kubernetes/common/roles-wrapper/templates/role.yaml
@@ -30,8 +30,12 @@ rules:
   - batch
   - extensions
   resources:
+  - endpoints
+  - services
+  - nodes
   - pods
   - deployments
+  - deployments/status
   - jobs
   - jobs/status
   - statefulsets
@@ -52,6 +56,7 @@ rules:
   resources:
   - pods
   - deployments
+  - deployments/status
   - jobs
   - jobs/status
   - statefulsets
@@ -59,6 +64,7 @@ rules:
   - replicasets/status
   - daemonsets
   - secrets
+  - services
   verbs:
   - get
   - watch
@@ -68,6 +74,7 @@ rules:
   - apps
   resources:
   - statefulsets
+  - configmaps
   verbs:
   - patch
 - apiGroups:
@@ -76,6 +83,8 @@ rules:
   resources:
   - deployments
   - secrets
+  - services
+  - pods
   verbs:
   - create
 - apiGroups:
@@ -85,7 +94,8 @@ rules:
   - pods
   - persistentvolumeclaims
   - secrets
-  - deployment
+  - deployments
+  - services
   verbs:
   - delete
 - apiGroups:
@@ -95,6 +105,13 @@ rules:
   - pods/exec
   verbs:
   - create
+- apiGroups:
+  - cert-manager.io
+  resources:
+  - certificates
+  verbs:
+  - create
+  - delete
 {{-     else }}
 # if you don't match read or create, then you're not allowed to use API
 # except to see basic information about yourself