Skip to content

Commit

Permalink
Adding more default roles (#66)
Browse files Browse the repository at this point in the history
  • Loading branch information
@apluchik
apluchik committed May 11, 2021
1 parent 52d3a13 commit 9e59169
Showing 1 changed file with 44 additions and 4 deletions.
48 changes: 44 additions & 4 deletions common/roles.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,26 +11,46 @@ const (
ContributorRoleName = "Contributor"
// Reader Role - has access to view all resource, but can't make changes
ReaderRoleName = "Reader"
// Location Contributor Role - has permissions to run any operation on the location resource
LocationContributorRoleName = "LocationContributor"
// Group Contributor Role - has permissions to run any operation on the group resource
GroupContributorRoleName = "GroupContributor"
// Node Contributor Role - has permissions to create and get nodes
NodeContributorRoleName = "NodeContributor"
// MacPool Contributor Role - has permissions to run any operation on MacPools
// Cluster Contributor Role - has permissions to create and get clusters
ClusterContributorRoleName = "ClusterContributor"
// MacPool Contributor Role - has permissions to run any operation on mac pools
MacPoolContributorRoleName = "MacPoolContributor"
// VipPool Contributor Role - has permissions to run any operation on VipPools
// VipPool Contributor Role - has permissions to run any operation on vip pools
VipPoolContributorRoleName = "VipPoolContributor"
// GalleryImage Contributor Role - has permissions to run any operation on gallery images
GalleryImageContributorRoleName = "GalleryImageContributor"
// ControlPlane Contributor Role - has permissions to run any operation on control planes
ControlPlaneContributorRoleName = "ControlPlaneContributor"
// StorageContainer Contributor Role - has permissions to run any operation on storage containers
StorageContainerContributorRoleName = "StorageContainerContributor"
// LB Contributor Role - has permissions to run any operation on LBs
LBContributorRoleName = "LBContributor"
// Network Interface Contributor Role - has permissions to run any operation on network interfaces
NIContributorRoleName = "NetworkInterfaceContributor"
// VM Contributor Role - has permissions to run any operation on VMs
VMContributorRoleName = "VMContributor"
// VirtualMachineImage Contributor Role - has permissions to run any operation on VirtualMachineImages
VMIContributorRoleName = "VirtualMachineImageContributor"
// VirtualMachineScaleSet Contributor Role - has permissions to run any operation on VirtualMachineScaleSets
VMSSContributorRoleName = "VMSSContributor"
// BareMetalMachine Contributor Role - has permissions to run any operation on BareMetalMachines
BMMContributorRoleName = "BareMetalMachineContributor"
// VirtualNetwork Contributor Role - has permissions to run any operation on VirtualNetworks
VNetContributorRoleName = "VirtualNetworkContributor"
// VirtualHardDisk Contributor Role - has permissions to run any operation on VirtualHardDisks
VHDContributorRoleName = "VirtualHardDiskContributor"
// Kubernetes Contributor Role - has permissions to run any operation on Kubernetes resources
KubernetesContributorRoleName = "KubernetesContributor"
// EtcdCluster Contributor Role - has permissions to run any operation on EtcdClusters
EtcdClusterContributorRoleName = "EtcdClusterContributor"
// EtcdServer Contributor Role - has permissions to run any operation on EtcdServers
EtcdServerContributorRoleName = "EtcdServerContributor"
// Role Contributor Role - has permissions to operate on roles and assign them
RoleContributorRoleName = "RoleContributor"
// Identity Contributor Role - has permissions to run any operation on Identities
Expand All @@ -43,26 +63,46 @@ const (
KeyContributorRoleName = "KeyContributor"
// Secret Contributor role - has permissions to run any operation on Secrets
SecretContributorRoleName = "SecretContributor"
// Location Reader role - has permissions to run read operations on locations
LocationReaderRoleName = "LocationReader"
// Group Reader Role - has permissions to run read operations on the group resource
GroupReaderRoleName = "GroupReader"
// Node Reader Role - has permissions to get nodes
NodeReaderRoleName = "NodeReader"
// MacPool Reader Role - has permissions to run read operations on MacPools
// Cluster Reader Role - has permissions to get clusters
ClusterReaderRoleName = "ClusterReader"
// MacPool Reader Role - has permissions to run read operations on mac pools
MacPoolReaderRoleName = "MacPoolReader"
// VipPool Reader Role - has permissions to run read operations on VipPools
// VipPool Reader Role - has permissions to run read operations on vip pools
VipPoolReaderRoleName = "VipPoolReader"
// GalleryImage Reader Role - has permissions to run read operations on gallery images
GalleryImageReaderRoleName = "GalleryImageReader"
// ControlPlane Reader Role - has permissions to run read operations on control planes
ControlPlaneReaderRoleName = "ControlPlaneReader"
// StorageContainer Reader Role - has permissions to run read operations on storage containers
StorageContainerReaderRoleName = "StorageContainerReader"
// LB Reader Role - has permissions to run read operations on LBs and interfaces
LBReaderRoleName = "LBReader"
// Network Interface Reader Role - has permissions to run read operations on network interfaces
NIReaderRoleName = "NetworkInterfaceReader"
// VM Reader Role - has permissions to run read operations on VMs
VMReaderRoleName = "VMReader"
// VirtualMachineImage Reader Role - has permissions to run read operations on VirtualMachineImages
VMIReaderRoleName = "VirtualMachineImageReader"
// VirtualMachineScaleSet Reader Role - has permissions to run read operations on VirtualMachineScaleSets
VMSSReaderRoleName = "VMSSReader"
// BareMetalMachine Reader Role - has permissions to run read operations on BareMetalMachines
BMMReaderRoleName = "BareMetalMachineReader"
// VirtualNetwork Reader Role - has permissions to run read operations on VirtualNetworks
VNetReaderRoleName = "VirtualNetworkReader"
// VirtualHardDisk Reader Role - has permissions to run read operations on VirtualHardDisks
VHDReaderRoleName = "VirtualHardDiskReader"
// Kubernetes Reader Role - has permissions to run read operations on Kubernetes resources
KubernetesReaderRoleName = "KubernetesReader"
// EtcdCluster Reader Role - has permissions to run read operations on EtcdClusters
EtcdClusterReaderRoleName = "EtcdClusterReader"
// EtcdServer Reader Role - has permissions to run read operations on EtcdServers
EtcdServerReaderRoleName = "EtcdServerReader"
// Identity Reader Role - has permissions to run read operations on Identities
IdentityReaderRoleName = "IdentityReader"
// Role Reader Role - has permissions to operate on roles and assign them
Expand Down

0 comments on commit 9e59169

Please sign in to comment.