marco/plugin-barman-cloud
1
0
Fork 0
mirror of https://github.com/cloudnative-pg/plugin-barman-cloud.git synced 2026-01-11 21:23:12 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
78b650417f
plugin-barman-cloud/web/static/migration-rbac.yaml
Armando Ruocco 78b650417f
doc: review 
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
2025-10-27 14:16:17 +01:00

248 lines
4.3 KiB
YAML
Raw Blame History

# This manifest contains the RBAC resources for the plugin-barman-cloud migration.
#
# This manifest is configured for the 'cnpg-system' namespace.
# Simply apply it with:
# kubectl apply -f migration-rbac.yaml
#
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: plugin-barman-cloud
name: plugin-barman-cloud
namespace: cnpg-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: plugin-barman-cloud
name: barman-plugin-leader-election-role
namespace: cnpg-system
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: barman-plugin-metrics-auth-role
rules:
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: barman-plugin-metrics-reader
rules:
- nonResourceURLs:
- /metrics
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: plugin-barman-cloud
name: barman-plugin-objectstore-editor-role
rules:
- apiGroups:
- barmancloud.cnpg.io
resources:
- objectstores
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- barmancloud.cnpg.io
resources:
- objectstores/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: plugin-barman-cloud
name: barman-plugin-objectstore-viewer-role
rules:
- apiGroups:
- barmancloud.cnpg.io
resources:
- objectstores
verbs:
- get
- list
- watch
- apiGroups:
- barmancloud.cnpg.io
resources:
- objectstores/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: plugin-barman-cloud
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- delete
- get
- list
- watch
- apiGroups:
- barmancloud.cnpg.io
resources:
- objectstores
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- barmancloud.cnpg.io
resources:
- objectstores/finalizers
verbs:
- update
- apiGroups:
- barmancloud.cnpg.io
resources:
- objectstores/status
verbs:
- get
- patch
- update
- apiGroups:
- postgresql.cnpg.io
resources:
- backups
verbs:
- get
- list
- watch
- apiGroups:
- postgresql.cnpg.io
resources:
- clusters/finalizers
verbs:
- update
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
- roles
verbs:
- create
- get
- list
- patch
- update
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: plugin-barman-cloud
name: barman-plugin-leader-election-rolebinding
namespace: cnpg-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: barman-plugin-leader-election-role
subjects:
- kind: ServiceAccount
name: plugin-barman-cloud
namespace: cnpg-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: barman-plugin-metrics-auth-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: barman-plugin-metrics-auth-role
subjects:
- kind: ServiceAccount
name: plugin-barman-cloud
namespace: cnpg-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: plugin-barman-cloud
name: plugin-barman-cloud-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: plugin-barman-cloud
subjects:
- kind: ServiceAccount
name: plugin-barman-cloud
namespace: cnpg-system
Reference in New Issue View Git Blame Copy Permalink