diff --git a/deploy/cloud/manifests/mongodb.yaml.tmpl b/deploy/cloud/manifests/mongodb.yaml.tmpl index ec3ea709b64..c498d00dc72 100644 --- a/deploy/cloud/manifests/mongodb.yaml.tmpl +++ b/deploy/cloud/manifests/mongodb.yaml.tmpl @@ -5,7 +5,7 @@ metadata: sealos-db-provider-cr: sealos-mongodb app.kubernetes.io/instance: sealos-mongodb app.kubernetes.io/managed-by: kbcli - name: sealos-mongodb + name: sealos-mongodb-sa namespace: sealos --- apiVersion: rbac.authorization.k8s.io/v1 @@ -19,82 +19,11 @@ metadata: namespace: sealos rules: - apiGroups: - - apps.kubeblocks.io - resources: - - clusters - verbs: - - get - - list - - apiGroups: - - apps.kubeblocks.io - resources: - - clusters/status - verbs: - - get - - apiGroups: - - '' - resources: - - events - verbs: - - create - - apiGroups: - - '' - resources: - - configmaps - verbs: - - create - - get - - list - - patch - - update - - watch - - delete - - apiGroups: - - '' - resources: - - endpoints - verbs: - - create - - get - - list - - patch - - update - - watch - - delete - - apiGroups: - - '' - resources: - - pods - verbs: - - get - - list - - patch - - update - - watch - - apiGroups: - - dataprotection.kubeblocks.io - resources: - - backups - verbs: - - create - - get - - list - - patch - - update - - watch - - delete - - apiGroups: - - dataprotection.kubeblocks.io + - '*' resources: - - backups/status + - '*' verbs: - - create - - get - - list - - patch - - update - - watch - - delete + - '*' --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -111,7 +40,7 @@ roleRef: name: sealos-mongodb subjects: - kind: ServiceAccount - name: sealos-mongodb + name: sealos-mongodb-sa --- apiVersion: apps.kubeblocks.io/v1alpha1 kind: Cluster