From fa2cc6b42175022f3a4edd03ab7af14b68c70381 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= <michal.drzewiecki@sap.com>
Date: Tue, 26 Nov 2024 09:02:34 +0100
Subject: [PATCH] updates role.yaml

---
 config/rbac/role.yaml | 46 +++++++++++++++----------------------------
 1 file changed, 16 insertions(+), 30 deletions(-)

diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index 798e3f36..cec4423a 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -1,57 +1,40 @@
 ---
 apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
+kind: Role
 metadata:
   name: infrastructure-manager-role
+  namespace: kcp-system
 rules:
 - apiGroups:
-  - infrastructuremanager.kyma-project.io
+  - ""
   resources:
-  - runtimes
+  - secrets
   verbs:
   - create
   - delete
   - get
   - list
-  - patch
   - update
   - watch
 - apiGroups:
   - infrastructuremanager.kyma-project.io
   resources:
-  - runtimes/finalizers
-  verbs:
-  - update
-- apiGroups:
-  - infrastructuremanager.kyma-project.io
-  resources:
-  - runtimes/status
-  verbs:
-  - get
-  - patch
-  - update
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: infrastructure-manager-role
-  namespace: kcp-system
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - secrets
+  - gardenerclusters
   verbs:
   - create
   - delete
   - get
   - list
+  - patch
   - update
   - watch
 - apiGroups:
   - infrastructuremanager.kyma-project.io
   resources:
-  - gardenerclusters
+  - gardenerclusters/finalizers
+  - gardenerclusters/status
+  - runtimes/finalizers
+  - runtimes/status
   verbs:
   - create
   - delete
@@ -59,11 +42,14 @@ rules:
   - list
   - patch
   - update
-  - watch
 - apiGroups:
   - infrastructuremanager.kyma-project.io
   resources:
-  - gardenerclusters/finalizers
-  - gardenerclusters/status
+  - runtimes
   verbs:
+  - create
+  - get
+  - list
+  - patch
   - update
+  - watch