From 5c49323835eea86c2167b1948ff0a15c01704206 Mon Sep 17 00:00:00 2001
From: Javi Polo <javipolo@trovit.com>
Date: Tue, 22 Nov 2016 11:14:52 +0100
Subject: [PATCH] Add permissions to nonresourcepaths to admin and kubelet

---
 authorization-policy.jsonl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/authorization-policy.jsonl b/authorization-policy.jsonl
index 00b4dfe..5517cf9 100644
--- a/authorization-policy.jsonl
+++ b/authorization-policy.jsonl
@@ -1,5 +1,5 @@
 {"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"user":"*", "nonResourcePath": "*", "readonly": true}}
-{"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"user":"admin", "namespace": "*", "resource": "*", "apiGroup": "*"}}
+{"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"user":"admin", "namespace": "*", "resource": "*", "apiGroup": "*", "nonResourcePath": "*"}}
 {"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"user":"scheduler", "namespace": "*", "resource": "*", "apiGroup": "*"}}
-{"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"user":"kubelet", "namespace": "*", "resource": "*", "apiGroup": "*"}}
+{"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"user":"kubelet", "namespace": "*", "resource": "*", "apiGroup": "*", "nonResourcePath": "*"}}
 {"apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": {"group":"system:serviceaccounts", "namespace": "*", "resource": "*", "apiGroup": "*", "nonResourcePath": "*"}}