apiVersion: rbac.authorization.k8s.io/v1
namespace: default #replace with your namespace
name: example-role #replace with your role name
resources: ["pods", "pods/log", "events", "services", "configmaps", "persistentvolumeclaims", "endpoints"]
verbs: ["get", "watch", "list", "delete"]
- apiGroups: [""] # For pod shell access
verbs: ["get", "watch", "create"]
- apiGroups: ["extensions", "apps"]
resources: ["deployments", "replicasets", "statefulsets", "daemonsets"]
verbs: ["get", "watch", "list"]
- apiGroups: ["extensions", "batch"]
resources: ["jobs", "cronjobs"]
verbs: ["get", "watch", "list"]
- apiGroups: ["extensions", "networking.k8s.io"] # For ingresses
verbs: ["get", "watch", "list"]
- apiGroups: ["metrics.k8s.io"] # For metrics access
verbs: ["get", "watch", "list"]