infisical/k8-operator/config/rbac/infisicaldynamicsecret_editor_role.yaml

# This rule is not used by the project k8-operator itself.
# It is provided to allow the cluster admin to help manage permissions for users.
#
# Grants permissions to create, update, and delete resources within the secrets.infisical.com.
# This role is intended for users who need to manage these resources
# but should not control RBAC or manage permissions for others.

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app.kubernetes.io/name: k8-operator
    app.kubernetes.io/managed-by: kustomize
  name: infisicaldynamicsecret-editor-role
rules:
- apiGroups:
  - secrets.infisical.com
  resources:
  - infisicaldynamicsecrets
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - secrets.infisical.com
  resources:
  - infisicaldynamicsecrets/status
  verbs:
  - get