I think it should work with just get/list/watch on pods. Try it and see what happens?
/MR On Mon, Nov 8, 2021, 06:38 Victor Sudakov <[email protected]> wrote: > Dear Colleagues, > > There is a good working example of RBAC setup in > > https://github.com/prometheus/prometheus/blob/main/documentation/examples/rbac-setup.yml > However if I want to discover and scrape only pods for metrics, these > permissions seem a bit excessive. > > What RBAC permissions can be safely removed from the prometheus > ClusterRole if only "role: pod" is required? There is also a discussion > open at https://github.com/prometheus/prometheus/discussions/9672 , > you can comment there if you like. > > Thanks in advance for any input. > > -- > Victor Sudakov VAS4-RIPE > http://vas.tomsk.ru/ > 2:5005/49@fidonet > > -- > You received this message because you are subscribed to the Google Groups > "Prometheus Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/prometheus-users/YYi305hUXdhYBL/U%40admin.sibptus.ru > . > -- You received this message because you are subscribed to the Google Groups "Prometheus Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/CAMV%3D_gb%3Dro4f3pthXfGRDWRbOjbaFQaxzdGi%2BNUq8pDJCtETaw%40mail.gmail.com.
