Go.Rig-Operator/deploy/rig-operator/config/rbac/vsphereblueprint_viewer_role.yaml

# This rule is not used by the project deploy itself.
# It is provided to allow the cluster admin to help manage permissions for users.
#
# Grants read-only access to rig.appstack.io resources.
# This role is intended for users who need visibility into these resources
# without permissions to modify them. It is ideal for monitoring purposes and limited-access viewing.

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/name: deploy
    app.kubernetes.io/managed-by: kustomize
  name: vsphereblueprint-viewer-role
rules:
- apiGroups:
  - rig.appstack.io
  resources:
  - vsphereblueprints
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - rig.appstack.io
  resources:
  - vsphereblueprints/status
  verbs:
  - get
Drop initial code 2026-01-15 09:58:01 +00:00			`# This rule is not used by the project deploy itself.`
			`# It is provided to allow the cluster admin to help manage permissions for users.`
			`#`
			`# Grants read-only access to rig.appstack.io resources.`
			`# This role is intended for users who need visibility into these resources`
			`# without permissions to modify them. It is ideal for monitoring purposes and limited-access viewing.`

			`apiVersion: rbac.authorization.k8s.io/v1`
			`kind: ClusterRole`
			`metadata:`
			`labels:`
			`app.kubernetes.io/name: deploy`
			`app.kubernetes.io/managed-by: kustomize`
			`name: vsphereblueprint-viewer-role`
			`rules:`
			`- apiGroups:`
			`- rig.appstack.io`
			`resources:`
			`- vsphereblueprints`
			`verbs:`
			`- get`
			`- list`
			`- watch`
			`- apiGroups:`
			`- rig.appstack.io`
			`resources:`
			`- vsphereblueprints/status`
			`verbs:`
			`- get`