supabase-operator/config/rbac/storage_editor_role.yaml

# This rule is not used by the project supabase-operator itself.
# It is provided to allow the cluster admin to help manage permissions for users.
#
# Grants permissions to create, update, and delete resources within the supabase.k8s.icb4dc0.de.
# This role is intended for users who need to manage these resources
# but should not control RBAC or manage permissions for others.

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/name: supabase-operator
    app.kubernetes.io/managed-by: kustomize
  name: storage-editor-role
rules:
- apiGroups:
  - supabase.k8s.icb4dc0.de
  resources:
  - storages
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - supabase.k8s.icb4dc0.de
  resources:
  - storages/status
  verbs:
  - get
refactor: implement control plane as controller-runtime manager 2025-01-20 17:06:41 +01:00			`# This rule is not used by the project supabase-operator itself.`
			`# It is provided to allow the cluster admin to help manage permissions for users.`
			`#`
			`# Grants permissions to create, update, and delete resources within the supabase.k8s.icb4dc0.de.`
			`# This role is intended for users who need to manage these resources`
			`# but should not control RBAC or manage permissions for others.`

			`apiVersion: rbac.authorization.k8s.io/v1`
			`kind: ClusterRole`
			`metadata:`
			`labels:`
			`app.kubernetes.io/name: supabase-operator`
			`app.kubernetes.io/managed-by: kustomize`
			`name: storage-editor-role`
			`rules:`
			`- apiGroups:`
			`- supabase.k8s.icb4dc0.de`
			`resources:`
			`- storages`
			`verbs:`
			`- create`
			`- delete`
			`- get`
			`- list`
			`- patch`
			`- update`
			`- watch`
			`- apiGroups:`
			`- supabase.k8s.icb4dc0.de`
			`resources:`
			`- storages/status`
			`verbs:`
			`- get`