Kubernetes service accounts and permissions
This topic provides an overview of the service accounts used in Mission Control and their associated permissions. Each service account has a specific purpose and is granted the minimum permissions required to perform its tasks.
Service accounts in Mission Control
Here’s a list of service accounts used by Mission Control.
Agent
Name: mission-control-agent
Namespace: mission-control
Purpose: Collects host-level metrics and logs
Cluster Roles: mission-control-agent
Aggregator
Name: mission-control-aggregator
Namespace: mission-control
Purpose: Aggregates metrics and logs from all deployed and managed resources
Cass operator
Name: mission-control-cass-operator
Namespace: mission-control
Purpose: Handles the lifecycle of all Apache Cassandra, DataStax Enterprise, and Hyper Converged Database logical datacenters
Cluster Roles: mission-control-cass-operator
Roles: mission-control-cass-operator-leader
Crd upgrader
Name: mission-control-crd-upgrader
Namespace: mission-control
Purpose: Handles the upgrade of Mission Control Custom Resource Definitions
Cluster Roles: mission-control-crd-upgrader
Dex
Name: mission-control-dex
Namespace: mission-control
Purpose: Handles the routing of authentication requests to the appropriate identity provider
Cluster Roles:
-
mission-control-dex
Roles:
-
mission-control-dex
K8ssandra operator
Name: mission-control-k8ssandra-operator
Namespace: mission-control
Purpose: Handles the lifecycle of all K8ssandra resources including cluster definitions, Reaper, and Medusa components
Cluster Roles: mission-control-k8ssandra-operator
Roles: mission-control-k8ssandra-operator-leader-election-role
Kube state metrics
Name: mission-control-kube-state-metrics
Namespace: mission-control
Purpose: Collects metrics from the Kubernetes API server and Kubelet
Cluster Roles: mission-control-kube-state-metrics
Loki
Name: loki
Namespace: mission-control
Purpose: Stores and indexes log data
Cluster Roles: mission-control-loki-clusterrole
Mimir
Name: mission-control-mimir
Namespace: mission-control
Purpose: Stores and indexes metrics data
Mission control
Name: mission-control
Namespace: mission-control
Purpose:
Cluster Roles: mission-control-manager-role
Roles: mission-control-leader-election-role
Replicated
Name: replicated
Namespace: mission-control
Purpose: Installation management and reporting
Roles: replicated-role
Cluster Roles
This section details the cluster roles associated with some service accounts.
Agent
Name: mission-control-agent
Rules:
API Groups:
Resources:
-
namespaces
-
nodes
-
pods
Verbs:
-
list
-
watch
Service Accounts: mission-control-agent - mission-control
Cass operator
Name: mission-control-cass-operator
Rules:
API Groups:
Resources:
-
persistentvolumes
Verbs:
-
get
-
list
-
watch
API Groups:
-
storage.k8s.io
Resources:
-
storageclasses
Verbs:
-
get
-
list
-
watch
API Groups:
-
apps
Resources:
-
daemonsets
-
deployments
-
replicasets
-
statefulsets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
apps
Resources:
-
deployments/finalizers
Verbs:
-
update
API Groups:
-
cassandra.datastax.com
Resources:
-
cassandradatacenters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
cassandra.datastax.com
Resources:
-
cassandradatacenters/finalizers
Verbs:
-
delete
-
update
API Groups:
-
cassandra.datastax.com
Resources:
-
cassandradatacenters/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks/finalizers
Verbs:
-
update
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks/status
Verbs:
-
get
-
patch
-
update
API Groups:
Resources:
-
configmaps
-
endpoints
-
events
-
persistentvolumeclaims
-
pods
-
secrets
-
services
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
events
-
pods
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
namespaces
Verbs:
-
get
API Groups:
-
policy
Resources:
-
poddisruptionbudgets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
Service Accounts: * mission-control-cass-operator - mission-control
Crd upgrader
Name: mission-control-crd-upgrader
Rules:
API Groups:
-
apiextensions.k8s.io
Resources:
-
customresourcedefinitions
Verbs:
-
create
-
get
-
watch
-
list
-
update
-
patch
Service Accounts:
-
mission-control-crd-upgrader - mission-control
Dex
Name: mission-control-dex
Rules:
API Groups:
-
apiextensions.k8s.io
Resources:
-
customresourcedefinitions
Verbs:
-
list
-
create
Service Accounts: * mission-control-dex - mission-control
K8ssandra operator
Name: mission-control-k8ssandra-operator
Rules:
API Groups:
Resources:
-
events
Verbs:
-
create
-
patch
API Groups:
Resources:
-
pods
-
services
Verbs:
-
get
-
list
-
watch
API Groups:
-
apps
Resources:
-
deployments
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
apps
Resources:
-
statefulsets
Verbs:
-
list
-
watch
API Groups:
-
batch
Resources:
-
cronjobs
Verbs:
-
create
-
delete
-
get
-
list
-
update
-
watch
API Groups:
-
cassandra.datastax.com
Resources:
-
cassandradatacenters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
config.k8ssandra.io
Resources:
-
clientconfigs
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks/status
Verbs:
-
get
API Groups:
-
control.k8ssandra.io
Resources:
-
k8ssandratasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
k8ssandratasks/finalizers
Verbs:
-
update
API Groups:
-
control.k8ssandra.io
Resources:
-
k8ssandratasks/status
Verbs:
-
get
-
patch
-
update
API Groups:
Resources:
-
configmaps
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
endpoints
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
**API Groups:**
Resources:
-
pods
-
secrets
Verbs:
-
get
-
list
-
watch
API Groups:
Resources:
-
secrets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
services
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
k8ssandra.io
Resources:
-
clientconfigs
-
k8ssandraclusters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
k8ssandra.io
Resources:
-
k8ssandraclusters/finalizers
Verbs:
-
update
API Groups:
-
k8ssandra.io
Resources:
-
k8ssandraclusters/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
cassandradatacenters
Verbs:
-
get
-
list
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupjobs
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupjobs/finalizers
Verbs:
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupjobs/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackups
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackups/finalizers
Verbs:
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackups/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupschedules
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupschedules/finalizers
Verbs:
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupschedules/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusaconfigurations
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusaconfigurations/finalizers
Verbs:
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusaconfigurations/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusarestorejobs
Verbs:
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusarestorejobs/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusatasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusatasks/finalizers
Verbs:
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusatasks/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
monitoring.coreos.com
Resources:
-
servicemonitors
Verbs:
-
create
-
delete
-
deletecollection
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
reaper.k8ssandra.io
Resources:
-
reapers
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
reaper.k8ssandra.io
Resources:
-
reapers/finalizers
Verbs:
-
update
API Groups:
-
reaper.k8ssandra.io
Resources:
-
reapers/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
replication.k8ssandra.io
Resources:
-
replicatedsecrets
Verbs:
-
create
-
delete
-
get
-
list
-
update
-
watch
API Groups:
-
replication.k8ssandra.io
Resources:
-
replicatedsecrets/finalizers
Verbs:
-
update
API Groups:
-
replication.k8ssandra.io
Resources:
-
replicatedsecrets/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
stargate.k8ssandra.io
Resources:
-
stargates
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
stargate.k8ssandra.io
Resources:
-
stargates/finalizers
Verbs:
-
update
API Groups:
-
stargate.k8ssandra.io
Resources:
-
stargates/status
Verbs:
-
get
-
patch
-
update
Service Accounts:
-
mission-control-k8ssandra-operator - mission-control
Kube state metrics
Name: mission-control-kube-state-metrics
Rules:
API Groups:
-
certificates.k8s.io
Resources:
-
certificatesigningrequests
Verbs:
-
list
-
watch
API Groups:
Resources:
-
configmaps
Verbs:
-
list
-
watch
API Groups:
-
batch
Resources:
-
cronjobs
Verbs:
-
list
-
watch
API Groups:
-
extensions
-
apps
Resources:
-
daemonsets
Verbs:
-
list
-
watch
API Groups:
-
extensions
-
apps
Resources:
-
deployments
Verbs:
-
list
-
watch
API Groups:
Resources:
-
endpoints
Verbs:
-
list
-
watch
API Groups:
-
autoscaling
Resources:
-
horizontalpodautoscalers
Verbs:
-
list
-
watch
API Groups:
-
extensions
-
networking.k8s.io
Resources:
-
ingresses
Verbs:
-
list
-
watch
API Groups:
-
batch
Resources:
-
jobs
Verbs:
-
list
-
watch
API Groups:
-
coordination.k8s.io
Resources:
-
leases
Verbs:
-
list
-
watch
API Groups:
Resources:
-
limitranges
Verbs:
-
list
-
watch
API Groups:
-
admissionregistration.k8s.io
Resources:
-
mutatingwebhookconfigurations
Verbs:
-
list
-
watch
API Groups:
Resources:
-
namespaces
Verbs:
-
list
-
watch
API Groups:
-
networking.k8s.io
Resources:
-
networkpolicies
Verbs:
-
list
-
watch
API Groups:
Resources:
-
nodes
Verbs:
-
list
-
watch
API Groups:*
Resources:
-
persistentvolumeclaims
Verbs:
-
list
-
watch
API Groups:
Resources:
-
persistentvolumes
Verbs:
-
list
-
watch
API Groups:
-
policy
Resources:
-
poddisruptionbudgets
Verbs:
-
list
-
watch
API Groups:
Resources:
-
pods
Verbs:
-
list
-
watch
API Groups:
-
extensions
-
apps
Resources:
-
replicasets
Verbs:
-
list
-
watch
API Groups:
Resources:
-
replicationcontrollers
Verbs:
-
list
-
watch
API Groups:
Resources:
-
resourcequotas
Verbs:
-
list
-
watch
API Groups:
Resources:
-
secrets
Verbs:
-
list
-
watch
API Groups:
Resources:
-
services
Verbs:
-
list
-
watch
API Groups:
-
apps
Resources:
-
statefulsets
Verbs:
-
list
-
watch
API Groups:
-
storage.k8s.io
Resources:
-
storageclasses
Verbs:
-
list
-
watch
API Groups:
-
admissionregistration.k8s.io
Resources:
-
validatingwebhookconfigurations
Verbs:
-
list
-
watch
API Groups:
-
storage.k8s.io
Resources:
-
volumeattachments
Verbs:
-
list
-
watch
Service Accounts: * mission-control-kube-state-metrics - mission-control
Loki clusterrole
Name: mission-control-loki-clusterrole
Rules:
API Groups:
Resources:
-
configmaps
-
secrets
Verbs:
-
get
-
watch
-
list
Service Accounts:
-
loki - mission-control
Manager role
Name: mission-control-manager-role
Rules:
API Groups:
Resources:
-
events
Verbs:
-
create
-
patch
API Groups:
Resources:
-
namespaces
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
API Groups:
Resources:
-
secrets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
secrets/finalizer
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
apps
Resources:
-
deployments
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
batch
Resources:
-
cronjobs
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
cassandra.datastax.com
Resources:
-
cassandradatacenters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
cert-manager.io
Resources:
-
certificates
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
cert-manager.io
Resources:
-
issuers
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
config.k8ssandra.io
Resources:
-
clientconfigs
Verbs:
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
k8ssandratasks
Verbs:
-
create
-
list
API Groups:
Resources:
-
configmaps
-
namespaces
-
secrets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
endpoints
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
nodes
Verbs:
-
get
-
list
-
watch
API Groups:
Resources:
-
pods
Verbs:
-
get
-
list
-
watch
API Groups:
Resources:
-
services
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
k8ssandra.io
Resources:
-
k8ssandraclusters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
k8ssandra.io
Resources:
-
k8ssandraclusters/finalizers
Verbs:
-
update
API Groups:
-
k8ssandra.io
Resources:
-
k8ssandraclusters/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupjobs
Verbs:
-
create
-
get
-
list
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackups
Verbs:
-
get
-
list
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupschedules
Verbs:
-
create
-
delete
-
get
-
list
-
patch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusaconfigurations
Verbs:
-
create
-
delete
-
get
-
list
-
patch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusarestorejobs
Verbs:
-
create
-
delete
-
get
-
list
-
patch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusatasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
API Groups:
-
missioncontrol.datastax.com
Resources:
-
missioncontrolclusters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
missioncontrol.datastax.com
Resources:
-
missioncontrolclusters/finalizers
Verbs:
-
update
API Groups:
-
missioncontrol.datastax.com
Resources:
-
missioncontrolclusters/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
monitoring.coreos.com
Resources:
-
servicemonitors
Verbs:
-
create
-
delete
-
deletecollection
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
networking.k8s.io
Resources:
-
networkpolicies
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
reaper.k8ssandra.io
Resources:
-
reapers
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
replication.k8ssandra.io
Resources:
-
replicatedsecrets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
security.openshift.io
Resources:
-
securitycontextconstraints
Resource Names:
-
anyuid
Verbs:
-
use
API Groups:
-
stargate.k8ssandra.io
Resources:
-
stargates
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
storage.k8s.io
Resources:
-
storageclasses
Verbs:
-
get
-
list
Service Accounts:
-
mission-control - mission-control
Roles
This section details the cluster roles associated with service accounts.
Agent
Name: mission-control-agent
Rules:
API Groups:
Resources:
-
namespaces
-
nodes
-
pods
Verbs:
-
list
-
watch
Service Accounts:
-
mission-control-agent - mission-control
Cass operator
Name: mission-control-cass-operator
Rules:
API Groups:
Resources:
-
persistentvolumes
Verbs:
-
get
-
list
-
watch
API Groups:
-
storage.k8s.io
Resources:
-
storageclasses
Verbs:
-
get
-
list
-
watch
API Groups:
-
apps
Resources:
-
daemonsets
-
deployments
-
replicasets
-
statefulsets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
apps
Resources:
-
deployments/finalizers
Verbs:
-
update
API Groups:
-
cassandra.datastax.com
Resources:
-
cassandradatacenters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
cassandra.datastax.com
Resources:
-
cassandradatacenters/finalizers
Verbs:
-
delete
-
update
API Groups:
-
cassandra.datastax.com
Resources:
-
cassandradatacenters/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks/finalizers
Verbs:
-
update
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks/status
Verbs:
-
get
-
patch
-
update
API Groups:
Resources:
-
configmaps
-
endpoints
-
events
-
persistentvolumeclaims
-
pods
-
secrets
-
services
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
events
-
pods
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
namespaces
**Verbs:**
-
get
API Groups:
-
policy
Resources:
-
poddisruptionbudgets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
Service Accounts:
-
mission-control-cass-operator - mission-control
Crd upgrader
Name: mission-control-crd-upgrader
Rules:
API Groups:
-
apiextensions.k8s.io
Resources:
-
customresourcedefinitions
Verbs:
-
create
-
get
-
watch
-
list
-
update
-
patch
Service Accounts:
-
mission-control-crd-upgrader - mission-control
Dex
Name: mission-control-dex
Rules:
API Groups:
-
apiextensions.k8s.io
Resources:
-
customresourcedefinitions
Verbs:
-
list
-
create
Service Accounts:
-
mission-control-dex - mission-control
K8ssandra operator
Name: mission-control-k8ssandra-operator
Rules:
API Groups:
Resources:
-
events
Verbs:
-
create
-
patch
API Groups:
Resources:
-
pods
-
services
*Verbs:
-
get
-
list
-
watch
API Groups:
-
apps
**Resources:**
-
deployments
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
apps
Resources:
-
statefulsets
Verbs:
-
list
-
watch
API Groups:
-
batch
Resources:
-
cronjobs
Verbs:
-
create
-
delete
-
get
-
list
-
update
-
watch
API Groups:
-
cassandra.datastax.com
Resources:
-
cassandradatacenters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
config.k8ssandra.io
Resources:
-
clientconfigs
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks/status
Verbs:
-
get
API Groups:
-
control.k8ssandra.io
Resources:
-
k8ssandratasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
k8ssandratasks/finalizers
Verbs:
-
update
API Groups:
-
control.k8ssandra.io
Resources:
-
k8ssandratasks/status
Verbs:
-
get
-
patch
-
update
API Groups:
Resources:
-
configmaps
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
endpoints
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
pods
-
secrets
Verbs:
-
get
-
list
-
watch
API Groups:
Resources:
-
secrets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
services
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
k8ssandra.io
Resources:
-
clientconfigs
-
k8ssandraclusters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
k8ssandra.io
Resources:
-
k8ssandraclusters/finalizers
Verbs:
-
update
API Groups:
-
k8ssandra.io
Resources:
-
k8ssandraclusters/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
cassandradatacenters
Verbs:
-
get
-
list
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupjobs
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupjobs/finalizers
Verbs:
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupjobs/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackups
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackups/finalizers
Verbs:
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackups/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupschedules
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupschedules/finalizers
Verbs:
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupschedules/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusaconfigurations
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusaconfigurations/finalizers
Verbs:
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusaconfigurations/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusarestorejobs
Verbs:
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusarestorejobs/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusatasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusatasks/finalizers
Verbs:
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusatasks/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
monitoring.coreos.com
Resources:
-
servicemonitors
Verbs:
-
create
-
delete
-
deletecollection
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
reaper.k8ssandra.io
Resources:
-
reapers
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
reaper.k8ssandra.io
Resources:
-
reapers/finalizers
Verbs:
-
update
API Groups:
-
reaper.k8ssandra.io
Resources:
-
reapers/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
replication.k8ssandra.io
Resources:
-
replicatedsecrets
Verbs:
-
create
-
delete
-
get
-
list
-
update
-
watch
API Groups:
-
replication.k8ssandra.io
Resources:
-
replicatedsecrets/finalizers
Verbs:
-
update
API Groups:
-
replication.k8ssandra.io
Resources:
-
replicatedsecrets/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
stargate.k8ssandra.io
Resources:
-
stargates
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
stargate.k8ssandra.io
Resources:
-
stargates/finalizers
Verbs:
-
update
API Groups:
-
stargate.k8ssandra.io
Resources:
-
stargates/status
Verbs:
-
get
-
patch
-
update
Service Accounts:
-
mission-control-k8ssandra-operator - mission-control
Kube state metrics
Name: mission-control-kube-state-metrics
Rules:
API Groups:
-
certificates.k8s.io
Resources:
-
certificatesigningrequests
Verbs:
-
list
-
watch
API Groups:
Resources:
-
configmaps
Verbs:
-
list
-
watch
API Groups:
-
batch
Resources:
-
cronjobs
Verbs:
-
list
-
watch
API Groups:
-
extensions
-
apps
Resources:
-
daemonsets
Verbs:
-
list
-
watch
API Groups:
-
extensions
-
apps
Resources:
-
deployments
Verbs:
-
list
-
watch
API Groups:
Resources:
-
endpoints
Verbs:
-
list
-
watch
API Groups:
-
autoscaling
Resources:
-
horizontalpodautoscalers
Verbs:
-
list
-
watch
API Groups:
-
extensions
-
networking.k8s.io
Resources:
-
ingresses
Verbs:
-
list
-
watch
API Groups:
-
batch
Resources:
-
jobs
Verbs:
-
list
-
watch
API Groups:
-
coordination.k8s.io
Resources:
-
leases
Verbs:
-
list
-
watch
API Groups:
Resources:
-
limitranges
Verbs:
-
list
-
watch
API Groups:
-
admissionregistration.k8s.io
Resources:
-
mutatingwebhookconfigurations
Verbs:
-
list
-
watch
API Groups:
Resources:
-
namespaces
Verbs:
-
list
-
watch
API Groups:
-
networking.k8s.io
Resources:
-
networkpolicies
Verbs:
-
list
-
watch
API Groups:
Resources:
-
nodes
Verbs:
-
list
-
watch
**API Groups:**
Resources:
-
persistentvolumeclaims
Verbs:
-
list
-
watch
API Groups:
**Resources:**
-
persistentvolumes
Verbs:
-
list
-
watch
API Groups:
-
policy
Resources:
-
poddisruptionbudgets
Verbs:
-
list
-
watch
API Groups:
Resources:
-
pods
Verbs:
-
list
-
watch
API Groups:
-
extensions
-
apps
Resources:
-
replicasets
Verbs:
-
list
-
watch
API Groups:
Resources:
-
replicationcontrollers
Verbs:
-
list
-
watch
API Groups:
Resources:
-
resourcequotas
Verbs:
-
list
-
watch
API Groups:
Resources:
-
secrets
Verbs:
-
list
-
watch
API Groups:
Resources:
-
services
Verbs: * list * watch
API Groups:
-
apps
Resources:
-
statefulsets
Verbs:
-
list
-
watch
API Groups:
-
storage.k8s.io
Resources:
-
storageclasses
Verbs:
-
list
-
watch
API Groups:
-
admissionregistration.k8s.io
Resources:
-
validatingwebhookconfigurations
Verbs:
-
list
-
watch
API Groups:
-
storage.k8s.io
Resources:
-
volumeattachments
Verbs:
-
list
-
watch
Service Accounts:
-
mission-control-kube-state-metrics - mission-control
Loki clusterrole
Name: mission-control-loki-clusterrole
Rules:
API Groups:
Resources:
-
configmaps
-
secrets
Verbs:
-
get
-
watch
-
list
Service Accounts:
-
loki - mission-control
Manager role
Name: mission-control-manager-role
Rules:
API Groups:
Resources:
-
events
Verbs:
-
create
-
patch
API Groups:
Resources:
-
namespaces
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
API Groups:
Resources:
-
secrets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
secrets/finalizer
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
apps
Resources:
-
deployments
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
batch
Resources:
-
cronjobs
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
cassandra.datastax.com
Resources:
-
cassandradatacenters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
cert-manager.io
Resources:
-
certificates
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
cert-manager.io
**Resources:**
-
issuers
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
config.k8ssandra.io
Resources:
-
clientconfigs
Verbs:
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
cassandratasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
control.k8ssandra.io
Resources:
-
k8ssandratasks
Verbs:
-
create
-
list
API Groups:
Resources:
-
configmaps
-
namespaces
-
secrets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
endpoints
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
Resources:
-
nodes
Verbs:
-
get
-
list
-
watch
API Groups:
Resources:
-
pods
Verbs:
-
get
-
list
-
watch
API Groups:
Resources:
-
services
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
k8ssandra.io
Resources:
-
k8ssandraclusters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
k8ssandra.io
Resources:
-
k8ssandraclusters/finalizers
Verbs:
-
update
API Groups:
-
k8ssandra.io
Resources:
-
k8ssandraclusters/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupjobs
Verbs:
-
create
-
get
-
list
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackups
Verbs:
-
get
-
list
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusabackupschedules
Verbs:
-
create
-
delete
-
get
-
list
-
patch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusaconfigurations
Verbs:
-
create
-
delete
-
get
-
list
-
patch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusarestorejobs
Verbs:
-
create
-
delete
-
get
-
list
-
patch
API Groups:
-
medusa.k8ssandra.io
Resources:
-
medusatasks
Verbs:
-
create
-
delete
-
get
-
list
-
patch
API Groups:
-
missioncontrol.datastax.com
Resources:
-
missioncontrolclusters
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
missioncontrol.datastax.com
Resources:
-
missioncontrolclusters/finalizers
Verbs:
-
update
API Groups:
-
missioncontrol.datastax.com
Resources:
-
missioncontrolclusters/status
Verbs:
-
get
-
patch
-
update
API Groups:
-
monitoring.coreos.com
Resources:
-
servicemonitors
Verbs:
-
create
-
delete
-
deletecollection
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
networking.k8s.io
Resources:
-
networkpolicies
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
reaper.k8ssandra.io
Resources:
-
reapers
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
replication.k8ssandra.io
Resources:
-
replicatedsecrets
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
security.openshift.io
Resources:
-
securitycontextconstraints
Resource Names:
-
anyuid
Verbs:
-
use
API Groups:
-
stargate.k8ssandra.io
Resources:
-
stargates
Verbs:
-
create
-
delete
-
get
-
list
-
patch
-
update
-
watch
API Groups:
-
storage.k8s.io
Resources:
-
storageclasses
Verbs:
-
get
-
list
Service Accounts:
-
mission-control - mission-control
