RBAC rules for activedirectoryidentityprovider

2026-01-05 13:07:14 +00:00 · 2021-07-07 11:15:52 -07:00
parent 3b8edb84a5
commit be6f9f83ce
3 changed files with 23 additions and 1 deletions
--- a/deploy/supervisor/rbac.yaml
+++ b/deploy/supervisor/rbac.yaml
@@ -40,6 +40,14 @@ rules:
      - #@ pinnipedDevAPIGroupWithPrefix("idp.supervisor")
    resources: [ldapidentityproviders/status]
    verbs: [get, patch, update]
+  - apiGroups:
+      - #@ pinnipedDevAPIGroupWithPrefix("idp.supervisor")
+    resources: [activedirectoryidentityproviders]
+    verbs: [get, list, watch]
+  - apiGroups:
+      - #@ pinnipedDevAPIGroupWithPrefix("idp.supervisor")
+    resources: [activedirectoryidentityproviders/status]
+    verbs: [get, patch, update]
    #! We want to be able to read pods/replicasets/deployment so we can learn who our deployment is to set
    #! as an owner reference.
  - apiGroups: [""]