From 72051ceb6338acdf57ea607ff3d5c38e434c421a Mon Sep 17 00:00:00 2001
From: Gerrit <Gerrit91@users.noreply.github.com>
Date: Wed, 11 Sep 2024 09:27:01 +0200
Subject: [PATCH] Allow firewall-controller-manager to patch infrastructure
 egressCIDRs. (#421)

---
 .../firewall-controller-manager.yaml          | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/charts/internal/control-plane/templates/firewall-controller-manager.yaml b/charts/internal/control-plane/templates/firewall-controller-manager.yaml
index b63f70e9c..734c3cb7c 100644
--- a/charts/internal/control-plane/templates/firewall-controller-manager.yaml
+++ b/charts/internal/control-plane/templates/firewall-controller-manager.yaml
@@ -68,6 +68,25 @@ rules:
   - update
   - patch
   - create
+- apiGroups:
+  - extensions.gardener.cloud
+  resources:
+  - infrastructures
+  - extensions
+  verbs:
+  - get
+- apiGroups:
+  - extensions.gardener.cloud
+  resources:
+  - infrastructures/status
+  verbs:
+  - patch
+- apiGroups:
+  - extensions.gardener.cloud
+  resources:
+  - extensions
+  verbs:
+  - update
 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1