From 9892bce1f9747ee5a9d8a9cf529de1a59bfd0c12 Mon Sep 17 00:00:00 2001
From: sluetze <13255307+sluetze@users.noreply.github.com>
Date: Mon, 14 Oct 2024 15:27:04 +0000
Subject: [PATCH] add permission for kataconfig

---
 config/rbac/api_resource_collector_cluster_role.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/config/rbac/api_resource_collector_cluster_role.yaml b/config/rbac/api_resource_collector_cluster_role.yaml
index abf361390..00de07c6d 100644
--- a/config/rbac/api_resource_collector_cluster_role.yaml
+++ b/config/rbac/api_resource_collector_cluster_role.yaml
@@ -867,3 +867,11 @@ rules:
     verbs:
       - get
       - list
+  # Necessary to check for sandboxed-containers config for BSI requirements
+  - apiGroups:
+      - kataconfiguration.openshift.io
+    verbs:
+      - list
+      - get
+    resources:
+      - kataconfigs