I would like to create a new/custom ClusterRole that has everything the default edit role has + a few more privileges (e.g. can create namespace).
Instead of creating this role like:
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: my-custom-edit rules: - apiGroups: - "" resources: - namespaces verbs: - get - list - create - delete - patch - apiGroups: - "" resources: - secrets verbs: - list ...
as a raw copy of the existing default edit role and add all of the edit privileges + the additional privileges that I need is there someway to specify that my new custom clusterrole should inherit all the privileges from edit?
I have looked at:
If you create a new ClusterRole that matches the label selector of an existing aggregated ClusterRole, that change triggers adding the new rules into the aggregated ClusterRole
I don’t want to modify the existing default roles (or combine existing ones into a new one). I want to create a new ClusterRole that just inherits from existing default clusterroles without modifying the default role.