From 85d5c7bb0da16e6dfca630e2aef363e13b44993d Mon Sep 17 00:00:00 2001
From: Lin Yang <reaver@flomesh.io>
Date: Mon, 13 Jan 2025 22:32:56 +0800
Subject: [PATCH] fix: rbac

Signed-off-by: Lin Yang <reaver@flomesh.io>
---
 charts/fsm/templates/fsm-rbac.yaml | 51 ++++++++++++++++++++++++++++--
 1 file changed, 48 insertions(+), 3 deletions(-)

diff --git a/charts/fsm/templates/fsm-rbac.yaml b/charts/fsm/templates/fsm-rbac.yaml
index 5bfd3de8..2030d2f8 100644
--- a/charts/fsm/templates/fsm-rbac.yaml
+++ b/charts/fsm/templates/fsm-rbac.yaml
@@ -161,13 +161,58 @@ rules:
 
   # GatewayAPI Extension
   - apiGroups: [ "extension.gateway.flomesh.io" ]
-    resources: [ "filters", "filterdefinitions", "listenerfilters", "circuitbreakers", "faultinjections", "ratelimits", "httplogs", "metrics", "zipkins", "filterconfigs", "proxytags" ]
+    resources:
+      - "filters"
+      - "filterdefinitions"
+      - "listenerfilters"
+      - "circuitbreakers"
+      - "faultinjections"
+      - "ratelimits"
+      - "httplogs"
+      - "metrics"
+      - "zipkins"
+      - "filterconfigs"
+      - "proxytags"
+      - "iprestrictions"
+      - "externalratelimits"
+      - "concurrencylimits"
+      - "requestterminations"
     verbs: [ "get", "list", "watch", "create", "update", "patch", "delete" ]
   - apiGroups: [ "extension.gateway.flomesh.io" ]
-    resources: [ "filters/finalizers", "filterdefinitions/finalizers", "listenerfilters/finalizers", "circuitbreakers/finalizers", "faultinjections/finalizers", "ratelimits/finalizers", "httplogs/finalizers", "metrics/finalizers", "zipkins/finalizers", "filterconfigs/finalizers", "proxytags/finalizers" ]
+    resources:
+      - "filters/finalizers"
+      - "filterdefinitions/finalizers"
+      - "listenerfilters/finalizers"
+      - "circuitbreakers/finalizers"
+      - "faultinjections/finalizers"
+      - "ratelimits/finalizers"
+      - "httplogs/finalizers"
+      - "metrics/finalizers"
+      - "zipkins/finalizers"
+      - "filterconfigs/finalizers"
+      - "proxytags/finalizers"
+      - "iprestrictions/finalizers"
+      - "externalratelimits/finalizers"
+      - "concurrencylimits/finalizers"
+      - "requestterminations/finalizers"
     verbs: [ "update" ]
   - apiGroups: [ "extension.gateway.flomesh.io" ]
-    resources: [ "filters/status", "filterdefinitions/status", "listenerfilters/status", "circuitbreakers/status", "faultinjections/status", "ratelimits/status", "httplogs/status", "metrics/status", "zipkins/status", "filterconfigs/status", "proxytags/status" ]
+    resources:
+      - "filters/status"
+      - "filterdefinitions/status"
+      - "listenerfilters/status"
+      - "circuitbreakers/status"
+      - "faultinjections/status"
+      - "ratelimits/status"
+      - "httplogs/status"
+      - "metrics/status"
+      - "zipkins/status"
+      - "filterconfigs/status"
+      - "proxytags/status"
+      - "iprestrictions/status"
+      - "externalratelimits/status"
+      - "concurrencylimits/status"
+      - "requestterminations/status"
     verbs: [ "get", "patch", "update" ]
 
   # PolicyAttachment