From 02bdd045b73ec54fa46d544ff90439e95e91cfbb Mon Sep 17 00:00:00 2001
From: Gregory Farnell <gregory.farnell@skybettingandgaming.com>
Date: Wed, 13 May 2020 11:09:25 +0100
Subject: [PATCH] Replaced * with specific verbs in helm rbac.

---
 charts/redisoperator/templates/rbac.yaml | 40 +++++++++++++++++++++---
 1 file changed, 35 insertions(+), 5 deletions(-)

diff --git a/charts/redisoperator/templates/rbac.yaml b/charts/redisoperator/templates/rbac.yaml
index 1bd2d6178..6bf66bb80 100644
--- a/charts/redisoperator/templates/rbac.yaml
+++ b/charts/redisoperator/templates/rbac.yaml
@@ -21,13 +21,25 @@ rules:
       - redisfailovers
       - redisfailovers/finalizers
     verbs:
-      - "*"
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
   - apiGroups:
       - apiextensions.k8s.io
     resources:
       - customresourcedefinitions
     verbs:
-      - "*"
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
   - apiGroups:
       - ""
     resources:
@@ -37,7 +49,13 @@ rules:
       - events
       - configmaps
     verbs:
-      - "*"
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
   - apiGroups:
       - ""
     resources:
@@ -50,13 +68,25 @@ rules:
       - deployments
       - statefulsets
     verbs:
-      - "*"
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
   - apiGroups:
       - policy
     resources:
       - poddisruptionbudgets
     verbs:
-      - "*"
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }}