I'm trying to set up RBAC in Kubernetes.
In my cluster, there are some default Roles like admin, cluster-admin and edit.
Those Roles differentiate between (e.g.) a deployment and deployment/status.
When I look at the k8s API reference (https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/deployment-v1/#get-read-the-specified-deployment) the description for these is identical, except for the endpoint in the request.
They have the same parameters (name, namespace, pretty) and have the same return value type (Deployment).
Why would I want to grant someone the right to get the deployment but not the deployment/status or vice versa?
The same probably goes for all the other /status endpoints...
