Allow access role to access pods (#20402)

This PR adds full access to `pod` resources on every namespace for default role `access`. Fixes #20401
2024-10-19 16:53:57 +00:00 · 2023-01-19 22:30:51 +00:00 · 2023-01-19 22:30:51 +00:00 · f1e897a86b
parent 1e49e7537b
commit f1e897a86b
1 changed files with 7 additions and 0 deletions
--- a/lib/services/presets.go
+++ b/lib/services/presets.go
@ -113,6 +113,13 @@ func NewPresetAccessRole() types.Role {
 				DatabaseLabels:       types.Labels{types.Wildcard: []string{types.Wildcard}},
 				DatabaseNames:        []string{teleport.TraitInternalDBNamesVariable},
 				DatabaseUsers:        []string{teleport.TraitInternalDBUsersVariable},
+				KubernetesResources: []types.KubernetesResource{
+					{
+						Kind:      types.KindKubePod,
+						Namespace: types.Wildcard,
+						Name:      types.Wildcard,
+					},
+				},
 				Rules: []types.Rule{
 					types.NewRule(types.KindEvent, RO()),
 					{