Is limiting permissions for the prometheus ClusterRole possible? #9672
Unanswered
victor-sudakov
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Colleagues,
Thank you for the great examples! However if I want to discover and scrape only pods for metrics, the permissions in https://github.com/prometheus/prometheus/blob/main/documentation/examples/rbac-setup.yml seem a bit excessive. If only "role: pod" is used in kubernetes_sd_configs, what RBAC permissions can be safely removed from the prometheus ClusterRole ?
The goal is to create a small prometheus statefulset which will discover and collect only application metrics (roadrunner, redis) without access to cluster-wide resources like nodes. Any ideas please?
Beta Was this translation helpful? Give feedback.
All reactions