| apiVersion: v1 |
| items: |
| - apiVersion: rbac.authorization.k8s.io/v1 |
| kind: Role |
| metadata: |
| annotations: |
| rbac.authorization.kubernetes.io/autoupdate: "true" |
| creationTimestamp: null |
| labels: |
| kubernetes.io/bootstrapping: rbac-defaults |
| name: system:controller:bootstrap-signer |
| namespace: kube-public |
| rules: |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resourceNames: |
| - cluster-info |
| resources: |
| - configmaps |
| verbs: |
| - update |
| - apiGroups: |
| - "" |
| resources: |
| - events |
| verbs: |
| - create |
| - patch |
| - update |
| - apiVersion: rbac.authorization.k8s.io/v1 |
| kind: Role |
| metadata: |
| annotations: |
| rbac.authorization.kubernetes.io/autoupdate: "true" |
| creationTimestamp: null |
| labels: |
| kubernetes.io/bootstrapping: rbac-defaults |
| name: extension-apiserver-authentication-reader |
| namespace: kube-system |
| rules: |
| - apiGroups: |
| - "" |
| resourceNames: |
| - extension-apiserver-authentication |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - apiVersion: rbac.authorization.k8s.io/v1 |
| kind: Role |
| metadata: |
| annotations: |
| rbac.authorization.kubernetes.io/autoupdate: "true" |
| creationTimestamp: null |
| labels: |
| kubernetes.io/bootstrapping: rbac-defaults |
| name: system::leader-locking-kube-controller-manager |
| namespace: kube-system |
| rules: |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - watch |
| - apiGroups: |
| - "" |
| resourceNames: |
| - kube-controller-manager |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - update |
| - apiVersion: rbac.authorization.k8s.io/v1 |
| kind: Role |
| metadata: |
| annotations: |
| rbac.authorization.kubernetes.io/autoupdate: "true" |
| creationTimestamp: null |
| labels: |
| kubernetes.io/bootstrapping: rbac-defaults |
| name: system::leader-locking-kube-scheduler |
| namespace: kube-system |
| rules: |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - watch |
| - apiGroups: |
| - "" |
| resourceNames: |
| - kube-scheduler |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - update |
| - apiVersion: rbac.authorization.k8s.io/v1 |
| kind: Role |
| metadata: |
| annotations: |
| rbac.authorization.kubernetes.io/autoupdate: "true" |
| creationTimestamp: null |
| labels: |
| kubernetes.io/bootstrapping: rbac-defaults |
| name: system:controller:bootstrap-signer |
| namespace: kube-system |
| rules: |
| - apiGroups: |
| - "" |
| resources: |
| - secrets |
| verbs: |
| - get |
| - list |
| - watch |
| - apiVersion: rbac.authorization.k8s.io/v1 |
| kind: Role |
| metadata: |
| annotations: |
| rbac.authorization.kubernetes.io/autoupdate: "true" |
| creationTimestamp: null |
| labels: |
| kubernetes.io/bootstrapping: rbac-defaults |
| name: system:controller:cloud-provider |
| namespace: kube-system |
| rules: |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - create |
| - get |
| - list |
| - watch |
| - apiVersion: rbac.authorization.k8s.io/v1 |
| kind: Role |
| metadata: |
| annotations: |
| rbac.authorization.kubernetes.io/autoupdate: "true" |
| creationTimestamp: null |
| labels: |
| kubernetes.io/bootstrapping: rbac-defaults |
| name: system:controller:token-cleaner |
| namespace: kube-system |
| rules: |
| - apiGroups: |
| - "" |
| resources: |
| - secrets |
| verbs: |
| - delete |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - events |
| verbs: |
| - create |
| - patch |
| - update |
| kind: List |
| metadata: {} |