Permissions Required for Cluster Agent and Infrastructure Visibility
This page includes the permissions (RBAC authorization) that are created when Cluster Agent, Splunk AppDynamics Operator, and Infrastructure Visibility pods are deployed in a cluster.
Cluster Agent
The get, list, and watch permissions are created when you deploy Cluster Agent for the following resources:
-
pods -
pods/log -
endpoints -
persistentvolumeclaims -
resourcequotas -
nodes -
events -
namespaces -
services -
configmaps -
secrets -
replicationcontrollers -
daemonsets -
statefulsets -
deployment -
replicasets -
jobs -
nodes -
deploymentconfigs
Cluster Agent Auto-Instrumentation
The following permissions are created when you deploy Cluster Agent with auto-instrumentation:
| Resources | Permissions Required |
|---|---|
pods |
|
pods/exec |
|
secrets |
|
configmaps |
|
|
|
update |
statefulsets |
|
deployments |
|
replicasets |
|
deploymentconfigs |
|
namespaces |
|
serviceaccounts |
|
Splunk AppDynamics Operator
The following permissions are created when you deploy Splunk AppDynamics Operator:
| Resources | Permissions Required |
|---|---|
pods |
|
pods/log |
|
endpoints |
|
persistentvolumeclaims |
|
resourcequotas |
|
nodes |
|
events |
|
namespaces |
|
services |
|
configmaps |
|
secrets |
|
deployments |
|
replicasets |
|
daemonsets |
|
statefulsets |
|
jobs |
|
Cluster-Agent |
|
Clusteragents/finalizers |
update |
Clusteragents/status |
|
Infravizs |
|
Infraviz/status |
|
Infrastructure Visibility
インフラストラクチャの可視性を展開すると、次の権限が作成されます。
| リソース | 表示/編集 | 権限が必要 |
|---|---|---|
Infravizs |
View |
|
|
|
View |
get |
Infravizs |
Edit |
|
|
|
Edit |
get |
Target Allocator
The following permissions are created when you deploy Cluster Agent Target Allocator:
| Resources | Permissions Required |
|---|---|
namespaces |
|
pods |
|
nodes |
|
statefulsets |
|