[COMMON] Add roles for hazelcast apps

[oom.git] / kubernetes / common / roles-wrapper / templates / role.yaml

diff --git a/kubernetes/common/roles-wrapper/templates/role.yaml b/kubernetes/common/roles-wrapper/templates/role.yaml
index e2a84b4..3438b6e 100644 (file)
--- a/kubernetes/common/roles-wrapper/templates/role.yaml
+++ b/kubernetes/common/roles-wrapper/templates/role.yaml
@@ -30,8 +30,12 @@ rules:
   - batch
   - extensions
   resources:
+  - endpoints
+  - services
+  - nodes
   - pods
   - deployments
+  - deployments/status
   - jobs
   - jobs/status
   - statefulsets
@@ -52,6 +56,7 @@ rules:
   resources:
   - pods
   - deployments
+  - deployments/status
   - jobs
   - jobs/status
   - statefulsets
@@ -59,6 +64,7 @@ rules:
   - replicasets/status
   - daemonsets
   - secrets
+  - services
   verbs:
   - get
   - watch
@@ -68,6 +74,7 @@ rules:
   - apps
   resources:
   - statefulsets
+  - configmaps
   verbs:
   - patch
 - apiGroups:
@@ -76,6 +83,8 @@ rules:
   resources:
   - deployments
   - secrets
+  - services
+  - pods
   verbs:
   - create
 - apiGroups:
@@ -85,7 +94,8 @@ rules:
   - pods
   - persistentvolumeclaims
   - secrets
-  - deployment
+  - deployments
+  - services
   verbs:
   - delete
 - apiGroups:
@@ -95,6 +105,13 @@ rules:
   - pods/exec
   verbs:
   - create
+- apiGroups:
+  - cert-manager.io
+  resources:
+  - certificates
+  verbs:
+  - create
+  - delete
 {{-     else }}
 # if you don't match read or create, then you're not allowed to use API
 # except to see basic information about yourself