From 4f36246ef4b8f10c3142655fb6c4823b35771f18 Mon Sep 17 00:00:00 2001
From: James Sulinski <james@federacy.com>
Date: Sun, 4 Jun 2017 16:07:12 -0700
Subject: [PATCH 1/3] Add service update to nginx-ingress-controller RBAC

---
 examples/rbac/nginx/nginx-ingress-controller-rbac.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/examples/rbac/nginx/nginx-ingress-controller-rbac.yml b/examples/rbac/nginx/nginx-ingress-controller-rbac.yml
index 64561f375..13e344b51 100644
--- a/examples/rbac/nginx/nginx-ingress-controller-rbac.yml
+++ b/examples/rbac/nginx/nginx-ingress-controller-rbac.yml
@@ -39,6 +39,7 @@ rules:
       - get
       - list
       - watch
+      - update
   - apiGroups:
       - "extensions"
     resources:

From af5a3a313e358a759ef27d00a386ea8f0eaef9eb Mon Sep 17 00:00:00 2001
From: James Sulinski <james@federacy.com>
Date: Wed, 7 Jun 2017 14:33:41 -0700
Subject: [PATCH 2/3] Update docs for update permission requirement in
 rbac/nginx

---
 examples/rbac/nginx/README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/examples/rbac/nginx/README.md b/examples/rbac/nginx/README.md
index cea82cbe7..6abd537ef 100644
--- a/examples/rbac/nginx/README.md
+++ b/examples/rbac/nginx/README.md
@@ -38,7 +38,8 @@ granted to the ClusterRole named `nginx-ingress-clusterrole`
 
 * `configmaps`, `endpoints`, `nodes`, `pods`, `secrets`: list, watch
 * `nodes`: get
-* `services`, `ingresses`: get, list, watch
+* `services`: get, list, watch, update (update permission only required when using named ports)
+* `ingresses`: get, list, watch
 * `events`: create, patch
 * `ingresses/status`: update
 

From a64d828e067621f44d60ea1181b1563a709856a2 Mon Sep 17 00:00:00 2001
From: James Sulinski <james@federacy.com>
Date: Thu, 8 Jun 2017 08:36:48 -0700
Subject: [PATCH 3/3] Alphabetize nginx-ingress-controller-rbac permissions

---
 examples/rbac/nginx/nginx-ingress-controller-rbac.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/examples/rbac/nginx/nginx-ingress-controller-rbac.yml b/examples/rbac/nginx/nginx-ingress-controller-rbac.yml
index 13e344b51..2b550ed18 100644
--- a/examples/rbac/nginx/nginx-ingress-controller-rbac.yml
+++ b/examples/rbac/nginx/nginx-ingress-controller-rbac.yml
@@ -38,8 +38,8 @@ rules:
     verbs:
       - get
       - list
-      - watch
       - update
+      - watch
   - apiGroups:
       - "extensions"
     resources: