Runtime Fabric Core Software Kubernetes Permissions

The following table lists the Kubernetes access permissions required by the Runtime Fabric agent. These access permissions are part of the Runtime Fabric helm chart and are automatically applied during the installation or upgrade.

You can’t extend or modify any of these core software access permissions. Instead, create and apply the ClusterRole and Rolebindings for the Runtime Fabric Authorized namespaces use case. Refer to Configuring Authorized Namespaces in Runtime Fabric.

Namespace	API Groups	Kubernetes Resources	Verbs
<rtf-namespace>	extensions, apps	deployments, deployments/scale, daemonsets, replicasets	*
“”	pods, pods/log, pods/portforward, pods/exec, configmaps, secrets, services, namespaces, nodes, serviceaccounts, resourcequotas, events, limitranges	*
batch	jobs, cronjobs	*
extensions	jobs	*
networking.k8s.io	networkpolicies	*
rbac.authorization.k8s.io	rolebindings, clusterroles, clusterrolebindings, roles	*
extensions,networking.k8s.io	ingresses,networkpolicies	*
rtf.mulesoft.com	persistencegateways, kubernetestemplates	*
autoscaling	horizontalpodautoscalers	*

Namespace

API Groups

Kubernetes Resources

Verbs

<rtf-namespace>

extensions, apps

deployments, deployments/scale, daemonsets, replicasets

“”

pods, pods/log, pods/portforward, pods/exec, configmaps, secrets, services, namespaces, nodes, serviceaccounts, resourcequotas, events, limitranges

batch

jobs, cronjobs

extensions

jobs

networking.k8s.io

networkpolicies

rbac.authorization.k8s.io

rolebindings, clusterroles, clusterrolebindings, roles

extensions,networking.k8s.io

ingresses,networkpolicies

rtf.mulesoft.com

persistencegateways, kubernetestemplates

autoscaling

horizontalpodautoscalers

Runtime Fabric Core Software Kubernetes Permissions

See Also