From ad34a9f5d72ef2b9cffc7d97531f2845561adb73 Mon Sep 17 00:00:00 2001
From: Matt Boersma <Matt.Boersma@microsoft.com>
Date: Thu, 14 Mar 2024 13:23:44 -0600
Subject: [PATCH] Allow KubeadmCP controller to list MachinePools

---
 controlplane/kubeadm/config/rbac/role.yaml              | 6 ++++++
 controlplane/kubeadm/internal/controllers/controller.go | 1 +
 2 files changed, 7 insertions(+)

diff --git a/controlplane/kubeadm/config/rbac/role.yaml b/controlplane/kubeadm/config/rbac/role.yaml
index 8bae8c0a19f5..c79787ee7d5e 100644
--- a/controlplane/kubeadm/config/rbac/role.yaml
+++ b/controlplane/kubeadm/config/rbac/role.yaml
@@ -47,6 +47,12 @@ rules:
   - get
   - list
   - watch
+- apiGroups:
+  - cluster.x-k8s.io
+  resources:
+  - machinepools
+  verbs:
+  - list
 - apiGroups:
   - cluster.x-k8s.io
   resources:
diff --git a/controlplane/kubeadm/internal/controllers/controller.go b/controlplane/kubeadm/internal/controllers/controller.go
index d58125fc9972..22ba4f0ae2a1 100644
--- a/controlplane/kubeadm/internal/controllers/controller.go
+++ b/controlplane/kubeadm/internal/controllers/controller.go
@@ -67,6 +67,7 @@ const (
 // +kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io;bootstrap.cluster.x-k8s.io;controlplane.cluster.x-k8s.io,resources=*,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=cluster.x-k8s.io,resources=clusters;clusters/status,verbs=get;list;watch
 // +kubebuilder:rbac:groups=cluster.x-k8s.io,resources=machines;machines/status,verbs=get;list;watch;create;update;patch;delete
+// +kubebuilder:rbac:groups=cluster.x-k8s.io,resources=machinepools,verbs=list
 // +kubebuilder:rbac:groups=apiextensions.k8s.io,resources=customresourcedefinitions,verbs=get;list;watch
 
 // KubeadmControlPlaneReconciler reconciles a KubeadmControlPlane object.