From f46a12bccb3af6e2f4908332b2acad2963fc1ab0 Mon Sep 17 00:00:00 2001
From: Matthew Wong <mawong@redhat.com>
Date: Wed, 1 Aug 2018 14:12:12 -0400
Subject: [PATCH] Change all clusterroles to have endpoints permissions and
 reduced events permissions, consolidate where possible

---
 deploy/auth/clusterrole.yaml           | 5 ++++-
 deploy/auth/openshift-clusterrole.yaml | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/deploy/auth/clusterrole.yaml b/deploy/auth/clusterrole.yaml
index 0c29a3c0..0ecb088b 100644
--- a/deploy/auth/clusterrole.yaml
+++ b/deploy/auth/clusterrole.yaml
@@ -14,4 +14,7 @@ rules:
     verbs: ["get", "list", "watch"]
   - apiGroups: [""]
     resources: ["events"]
-    verbs: ["list", "watch", "create", "update", "patch"]
+    verbs: ["create", "update", "patch"]
+  - apiGroups: [""]
+    resources: ["endpoints"]
+    verbs: ["get", "list", "watch", "create", "update", "patch"]
\ No newline at end of file
diff --git a/deploy/auth/openshift-clusterrole.yaml b/deploy/auth/openshift-clusterrole.yaml
index beabc8f0..2f50f5b2 100644
--- a/deploy/auth/openshift-clusterrole.yaml
+++ b/deploy/auth/openshift-clusterrole.yaml
@@ -14,4 +14,7 @@ rules:
     verbs: ["get", "list", "watch"]
   - apiGroups: [""]
     resources: ["events"]
-    verbs: ["list", "watch", "create", "update", "patch"]
+    verbs: ["create", "update", "patch"]
+  - apiGroups: [""]
+    resources: ["endpoints"]
+    verbs: ["get", "list", "watch", "create", "update", "patch"]