diff --git a/config/rbac/dragonfly_editor_role.yaml b/config/rbac/dragonfly_editor_role.yaml index e838aa4..01143e0 100644 --- a/config/rbac/dragonfly_editor_role.yaml +++ b/config/rbac/dragonfly_editor_role.yaml @@ -9,6 +9,8 @@ metadata: app.kubernetes.io/created-by: dragonfly-operator app.kubernetes.io/part-of: dragonfly-operator app.kubernetes.io/managed-by: kustomize + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" name: dragonfly-editor-role rules: - apiGroups: diff --git a/config/rbac/dragonfly_viewer_role.yaml b/config/rbac/dragonfly_viewer_role.yaml index 84b0d24..f7a5e13 100644 --- a/config/rbac/dragonfly_viewer_role.yaml +++ b/config/rbac/dragonfly_viewer_role.yaml @@ -9,6 +9,10 @@ metadata: app.kubernetes.io/created-by: dragonfly-operator app.kubernetes.io/part-of: dragonfly-operator app.kubernetes.io/managed-by: kustomize + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" + rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true" name: dragonfly-viewer-role rules: - apiGroups: diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 731832a..ff21b76 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -16,3 +16,5 @@ resources: - auth_proxy_role.yaml - auth_proxy_role_binding.yaml - auth_proxy_client_clusterrole.yaml +- dragonfly_viewer_role.yaml +- dragonfly_editor_role.yaml \ No newline at end of file