You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
76 lines
2.7 KiB
76 lines
2.7 KiB
[ |
|
{ |
|
"users":{ |
|
"roles":[ |
|
"k8s_admin" |
|
], |
|
"projects":[ |
|
"$PROJECT_ID" |
|
] |
|
}, |
|
"resource_permissions":{ |
|
"*/*":[ |
|
"*" |
|
] |
|
}, |
|
"nonresource_permissions":{ |
|
"/healthz":[ |
|
"get", |
|
"post" |
|
] |
|
} |
|
}, |
|
{ |
|
"users":{ |
|
"roles":[ |
|
"k8s_developer" |
|
], |
|
"projects":[ |
|
"$PROJECT_ID" |
|
] |
|
}, |
|
"resource_permissions":{ |
|
"!kube-system/['apiServices', 'bindings', 'componentstatuses', 'configmaps', 'cronjobs', 'customResourceDefinitions', 'deployments', 'endpoints', 'events', 'horizontalPodAutoscalers', 'ingresses', 'initializerConfigurations', 'jobs', 'limitRanges', 'localSubjectAccessReviews', 'namespaces', 'networkPolicies', 'persistentVolumeClaims', 'persistentVolumes', 'podDisruptionBudgets', 'podPresets', 'podTemplates', 'pods', 'replicaSets', 'replicationControllers', 'resourceQuotas', 'secrets', 'selfSubjectAccessReviews', 'serviceAccounts', 'services', 'statefulSets', 'storageClasses', 'subjectAccessReviews', 'tokenReviews']":[ |
|
"*" |
|
], |
|
"*/['clusterrolebindings', 'clusterroles', 'rolebindings', 'roles', 'controllerrevisions', 'nodes', 'podSecurityPolicies']":[ |
|
"get", |
|
"list", |
|
"watch" |
|
], |
|
"*/['certificateSigningRequests']":[ |
|
"create", |
|
"delete", |
|
"get", |
|
"list", |
|
"watch", |
|
"update" |
|
] |
|
} |
|
}, |
|
{ |
|
"users":{ |
|
"roles":[ |
|
"k8s_viewer" |
|
], |
|
"projects":[ |
|
"$PROJECT_ID" |
|
] |
|
}, |
|
"resource_permissions":{ |
|
"!kube-system/['tokenReviews']":[ |
|
"*" |
|
], |
|
"!kube-system/['apiServices', 'bindings', 'componentstatuses', 'configmaps', 'cronjobs', 'customResourceDefinitions', 'deployments', 'endpoints', 'events', 'horizontalPodAutoscalers', 'ingresses', 'initializerConfigurations', 'jobs', 'limitRanges', 'localSubjectAccessReviews', 'namespaces', 'networkPolicies', 'persistentVolumeClaims', 'persistentVolumes', 'podDisruptionBudgets', 'podPresets', 'podTemplates', 'pods', 'replicaSets', 'replicationControllers', 'resourceQuotas', 'secrets', 'selfSubjectAccessReviews', 'serviceAccounts', 'services', 'statefulSets', 'storageClasses', 'subjectAccessReviews']":[ |
|
"get", |
|
"list", |
|
"watch" |
|
], |
|
"*/['clusterrolebindings', 'clusterroles', 'rolebindings', 'roles', 'controllerrevisions', 'nodes', 'podSecurityPolicies']":[ |
|
"get", |
|
"list", |
|
"watch" |
|
] |
|
} |
|
} |
|
] |