Hi! As a reference you can look at how the Flink Kubernetes Operator manages RBAC settings:
https://nightlies.apache.org/flink/flink-kubernetes-operator-docs-main/docs/operations/rbac/ https://github.com/apache/flink-kubernetes-operator/blob/main/helm/flink-kubernetes-operator/templates/rbac.yaml Cheers, Gyula On Wed, Oct 19, 2022 at 9:46 PM Calvin D Souza via user < user@flink.apache.org> wrote: > Hi, > > I am using custom service account for flink native k8s. These are the > rules for the clusterrole I’m using: > > rules: > - apiGroups: [""] > resources: ["pods"] > verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] > - apiGroups: [""] > resources: ["configmaps"] > verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] > - apiGroups: [""] > resources: ["services"] > verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] > - apiGroups: ["apps"] > resources: ["deployments"] > verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] > - apiGroups: [""] > resources: ["pods/log"] > verbs: ["get", "list", "watch"] > - apiGroups: ["extensions"] > resources: ["deployments"] > verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] > > > Are there any that I am missing or that are not needed? > > Thanks, > Calvin >