クラスタエージェントとインフラストラクチャの可視性に必要な権限
このページには、クラスタエージェント、Splunk AppDynamics オペレータ、およびインフラストラクチャの可視性のポッドがクラスタに展開されたときに作成される権限(RBAC 承認)が含まれています。
Cluster Agent
The get, list, and watch permissions are created when you deploy Cluster Agent for the following resources:
podspods/logendpointspersistentvolumeclaimsresourcequotasnodeseventsnamespacesservicesconfigmapssecretsreplicationcontrollersdaemonsetsstatefulsetsdeploymentreplicasetsjobsnodesdeploymentconfigs
Cluster Agent Auto-Instrumentation
The following permissions are created when you deploy Cluster Agent with auto-instrumentation:
| Resources | Permissions Required |
|---|---|
pods
|
|
pods/exec
| |
secrets
| |
configmaps
| |
|
| update
|
statefulsets
| |
deployments
| |
replicasets | |
deploymentconfigs | |
namespaces |
|
serviceaccounts |
|
Splunk AppDynamics Operator
The following permissions are created when you deploy Splunk AppDynamics Operator:
| Resources | Permissions Required |
|---|---|
pods
|
|
pods/log | |
endpoints | |
persistentvolumeclaims | |
resourcequotas | |
nodes | |
events | |
namespaces | |
services |
|
configmaps | |
secrets | |
deployments
| |
replicasets | |
daemonsets | |
statefulsets | |
jobs |
|
Cluster-Agent
|
|
Clusteragents/finalizers
| update
|
Clusteragents/status
|
|
Infravizs
|
|
Infraviz/status
|
|
Infrastructure Visibility
The following permissions are created when you deploy Infrastructure Visibility:
| Resources | View/Edit | Permissions Required |
|---|---|---|
Infravizs
|
View
|
|
|
Infravizs/status |
View
|
get
|
Infravizs
|
Edit
|
|
|
Infraviz/status |
Edit
|
get
|
Target Allocator
The following permissions are created when you deploy Cluster Agent Target Allocator:
| Resources | Permissions Required |
|---|---|
namespaces
|
|
pods
| |
nodes
| |
statefulsets
|
|