vendor/k8s.io/kubernetes/cluster/addons/dashboard/dashboard-rbac.yaml - cloudstack-kubernetes-provider - Git at Google

 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   labels:
     k8s-app: kubernetes-dashboard
     addonmanager.kubernetes.io/mode: Reconcile
   name: kubernetes-dashboard-minimal
   namespace: kube-system
 rules:
   # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
 - apiGroups: [""]
   resources: ["secrets"]
   resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"]
   verbs: ["get", "update", "delete"]
   # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
 - apiGroups: [""]
   resources: ["configmaps"]
   resourceNames: ["kubernetes-dashboard-settings"]
   verbs: ["get", "update"]
   # Allow Dashboard to get metrics from heapster.
 - apiGroups: [""]
   resources: ["services"]
   resourceNames: ["heapster"]
   verbs: ["proxy"]
 - apiGroups: [""]
   resources: ["services/proxy"]
   resourceNames: ["heapster", "http:heapster:", "https:heapster:"]
   verbs: ["get"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   name: kubernetes-dashboard-minimal
   namespace: kube-system
   labels:
     k8s-app: kubernetes-dashboard
     addonmanager.kubernetes.io/mode: Reconcile
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: kubernetes-dashboard-minimal
 subjects:
 - kind: ServiceAccount
   name: kubernetes-dashboard
   namespace: kube-system
	kind: Role
	apiVersion: rbac.authorization.k8s.io/v1
	metadata:
	labels:
	k8s-app: kubernetes-dashboard
	addonmanager.kubernetes.io/mode: Reconcile
	name: kubernetes-dashboard-minimal
	namespace: kube-system
	rules:
	# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
	- apiGroups: [""]
	resources: ["secrets"]
	resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"]
	verbs: ["get", "update", "delete"]
	# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
	- apiGroups: [""]
	resources: ["configmaps"]
	resourceNames: ["kubernetes-dashboard-settings"]
	verbs: ["get", "update"]
	# Allow Dashboard to get metrics from heapster.
	- apiGroups: [""]
	resources: ["services"]
	resourceNames: ["heapster"]
	verbs: ["proxy"]
	- apiGroups: [""]
	resources: ["services/proxy"]
	resourceNames: ["heapster", "http:heapster:", "https:heapster:"]
	verbs: ["get"]
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: RoleBinding
	metadata:
	name: kubernetes-dashboard-minimal
	namespace: kube-system
	labels:
	k8s-app: kubernetes-dashboard
	addonmanager.kubernetes.io/mode: Reconcile
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: Role
	name: kubernetes-dashboard-minimal
	subjects:
	- kind: ServiceAccount
	name: kubernetes-dashboard
	namespace: kube-system