1apiVersion: rbac.authorization.k8s.io/v1
2kind: ClusterRole
3metadata:
4 name: opentelemetry-targetallocator-role
5rules:
6- resources: ["servicemonitors", "podmonitors"]
7 apiGroups: ["monitoring.coreos.com"]
8 verbs: ['*']
9- resources: ["namespaces", "nodes", "nodes/metrics", "services", "endpoints", "pods", "configmaps", "secrets"]
10 apiGroups: [""]
11 verbs: ["get", "list", "watch"]
12- resources: ["endpointslices"]
13 apiGroups: ["discovery.k8s.io"]
14 verbs: ["get", "list", "watch"]
15- resources: ["ingresses"]
16 apiGroups: ["networking.k8s.io"]
17 verbs: ["get", "list", "watch"]
18- nonResourceURLs: ["/metrics"]
19 verbs: ["get"]
20---
21apiVersion: rbac.authorization.k8s.io/v1
22kind: ClusterRoleBinding
23metadata:
24 name: opentelemetry-targetallocator-rb
25roleRef:
26 name: opentelemetry-targetallocator-role
27 kind: ClusterRole
28 apiGroup: rbac.authorization.k8s.io
29subjects:
30- name: opentelemetry-targetallocator-sa
31 kind: ServiceAccount
View as plain text