From f544d4447c74474370a916ca038d9dc7e1b39984 Mon Sep 17 00:00:00 2001
From: cong meng <mcpacino@gmail.com>
Date: Thu, 14 Oct 2021 17:00:31 +1300
Subject: [PATCH] fix(rbac) EE-1867 regular user unable to access pod and node
 stats view (#5886)

Co-authored-by: Simon Meng <simon.meng@portainer.io>
---
 api/kubernetes/cli/role.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/api/kubernetes/cli/role.go b/api/kubernetes/cli/role.go
index 7c22f1b32..4087a8fde 100644
--- a/api/kubernetes/cli/role.go
+++ b/api/kubernetes/cli/role.go
@@ -18,6 +18,11 @@ func getPortainerUserDefaultPolicies() []rbacv1.PolicyRule {
 			Resources: []string{"storageclasses"},
 			APIGroups: []string{"storage.k8s.io"},
 		},
+		{
+			Verbs:     []string{"list", "get"},
+			Resources: []string{"namespaces", "pods", "nodes"},
+			APIGroups: []string{"metrics.k8s.io"},
+		},
 	}
 }