-
Sergiusz Urbaniak authored
Currently, only cluster wide admins have the permissions to view metrics resources. This fixes it by adding a read-only cluster role which includes aggregation labels to synthesize permission rules for standard user-facing roles according to [1]. Note that only the "pods" resource is granted as reading "nodes" metrics requires a cluster wide permission. [1] https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
Sergiusz Urbaniak authoredCurrently, only cluster wide admins have the permissions to view metrics resources. This fixes it by adding a read-only cluster role which includes aggregation labels to synthesize permission rules for standard user-facing roles according to [1]. Note that only the "pods" resource is granted as reading "nodes" metrics requires a cluster wide permission. [1] https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
