Bridge-To-Kubernetes Document minimal needed permissions

Document minimal needed permissions

Open ddklo opened this issue 10 months ago • 0 comments

Currently the documentation https://learn.microsoft.com/en-us/visualstudio/bridge/overview-bridge-to-kubernetes#kubernetes-rbac-authorization uses a cluster admin role. In some scenarios with shared klusteres giving this role to users or groups in not desired. A namespaced role seems to work, but which apiGroups, resources and verbs are needed aren't documented. Could the minimal needed permissions be documented?

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: bridgetokubernetes-dev
rules:
- apiGroups: ["","apps","rbac.authorization.k8s.io","batch"]
  resources: ["*"]
  verbs: ["*"]

Apr 25 '24 11:04 ddklo

Bridge-To-Kubernetes Bridge-To-Kubernetes copied to clipboard

Document minimal needed permissions

Bridge-To-Kubernetes
Bridge-To-Kubernetes copied to clipboard