4 name: rook-csi-cephfs-provisioner-sa
8 apiVersion: rbac.authorization.k8s.io/v1
10 name: cephfs-external-provisioner-runner
14 rbac.ceph.rook.io/aggregate-to-cephfs-external-provisioner-runner: "true"
18 apiVersion: rbac.authorization.k8s.io/v1
20 name: cephfs-external-provisioner-runner-rules
22 rbac.ceph.rook.io/aggregate-to-cephfs-external-provisioner-runner: "true"
25 resources: ["secrets"]
26 verbs: ["get", "list"]
28 resources: ["persistentvolumes"]
29 verbs: ["get", "list", "watch", "create", "delete", "update"]
31 resources: ["persistentvolumeclaims"]
32 verbs: ["get", "list", "watch", "update"]
33 - apiGroups: ["storage.k8s.io"]
34 resources: ["storageclasses"]
35 verbs: ["get", "list", "watch"]
38 verbs: ["list", "watch", "create", "update", "patch"]
40 resources: ["configmaps"]
41 verbs: ["get", "list", "create", "delete"]
44 kind: ClusterRoleBinding
45 apiVersion: rbac.authorization.k8s.io/v1
47 name: cephfs-csi-provisioner-role
49 - kind: ServiceAccount
50 name: rook-csi-cephfs-provisioner-sa
54 name: cephfs-external-provisioner-runner
55 apiGroup: rbac.authorization.k8s.io