claude/k8s-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: expand naas-manager RBAC for PaaS (deployments, services, ingresses, pod logs)

Browse Source
This commit is contained in:
claude 2026-02-24 06:56:03 +01:00
parent 4b12e1e98c
commit 08f4f56a21
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
apps/operational-rbac/naas-manager-rbac.yaml
View File

@ -42,6 +42,22 @@ rules:
- apiGroups: ["metrics.k8s.io"]
resources: ["pods"]
verbs: ["get", "list"]
# PaaS: manage deployments in tenant namespaces
- apiGroups: ["apps"]
resources: ["deployments"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
# PaaS: manage services in tenant namespaces
- apiGroups: [""]
resources: ["services"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
# PaaS: manage ingresses in tenant namespaces
- apiGroups: ["networking.k8s.io"]
resources: ["ingresses"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
# PaaS: read pod logs
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding