Skip to content

Commit 57a6437

Browse files
yishaynaPaloyishaynaPalo
committed
Add patch permissions
1 parent f2b9570 commit 57a6437

File tree

2 files changed

+10
-10
lines changed

2 files changed

+10
-10
lines changed

charts/konnector/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ apiVersion: v2
22
name: konnector
33
description: Deploys Palo Alto Networks' Cortex KSPM connector for advanced Kubernetes security posture management.
44
type: application
5-
version: 1.0.2
5+
version: 1.0.3
66
appVersion: "1.0.0"
77
maintainers:
88
- name: Palo Alto Networks - Cortex KSPM team

charts/konnector/values.yaml

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,7 @@ system:
6464
rules:
6565
- apiGroups: [""]
6666
resources: ["secrets"]
67-
verbs: ["create"]
67+
verbs: ["create", "patch"]
6868
job-manager:
6969
rules:
7070
- apiGroups: ["batch"]
@@ -78,14 +78,14 @@ system:
7878
connector-manager-creator:
7979
rules:
8080
- apiGroups: [""]
81-
resources: ["configmaps", "services"]
82-
verbs: ["create"]
81+
resources: ["configmaps", "services", "serviceaccounts"]
82+
verbs: ["create", "patch"]
8383
- apiGroups: ["apps"]
8484
resources: ["deployments"]
85-
verbs: ["create"]
85+
verbs: ["create", "patch"]
8686
- apiGroups: ["batch"]
87-
resources: ["cronjobs"]
88-
verbs: ["create"]
87+
resources: ["cronjobs", "jobs"]
88+
verbs: ["create", "patch"]
8989

9090
# ==========================
9191
# Cluster Role Resources
@@ -98,7 +98,7 @@ system:
9898
verbs: ["get", "update", "patch", "list", "watch"]
9999
- apiGroups: ["admissionregistration.k8s.io"]
100100
resources: ["validatingwebhookconfigurations"]
101-
verbs: ["update", "list", "watch", "get", "create"]
101+
verbs: ["update", "list", "watch", "get", "create", "patch"]
102102
read-inventory:
103103
rules:
104104
- apiGroups: [""]
@@ -112,15 +112,15 @@ system:
112112
verbs: ["get", "list", "watch"]
113113
- apiGroups: ["rbac.authorization.k8s.io"]
114114
resources: ["clusterroles", "roles", "rolebindings", "clusterrolebindings"]
115-
verbs: ["get", "list", "watch", "create"]
115+
verbs: ["get", "list", "watch", "create", "patch"]
116116
- apiGroups: ["networking.k8s.io"]
117117
resources: ["networkpolicies", "ingresses"]
118118
verbs: ["get", "list", "watch"]
119119
crd-manager:
120120
rules:
121121
- apiGroups: ["apiextensions.k8s.io"]
122122
resources: ["customresourcedefinitions"]
123-
verbs: ["create", "get"]
123+
verbs: ["create", "get", "patch"]
124124
otel:
125125
rules:
126126
- apiGroups: [""]

0 commit comments

Comments
 (0)