From 0bc533c63b5cdd466d1dcf249861fdd55a77e0e3 Mon Sep 17 00:00:00 2001
From: MichaelKatsoulis <michaelkatsoulis88@gmail.com>
Date: Tue, 11 Oct 2022 12:12:30 +0300
Subject: [PATCH 1/2] Add storageclass permissions in agent clusterrole

---
 deploy/kubernetes/elastic-agent-managed-kubernetes.yaml       | 4 ++++
 .../elastic-agent-managed/elastic-agent-managed-role.yaml     | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/deploy/kubernetes/elastic-agent-managed-kubernetes.yaml b/deploy/kubernetes/elastic-agent-managed-kubernetes.yaml
index 0f7bf79f107..1f3c3d8ec9b 100644
--- a/deploy/kubernetes/elastic-agent-managed-kubernetes.yaml
+++ b/deploy/kubernetes/elastic-agent-managed-kubernetes.yaml
@@ -227,6 +227,10 @@ rules:
     resources:
       - podsecuritypolicies
     verbs: ["get", "list", "watch"]
+  - apiGroups: [ "storage.k8s.io" ]
+    resources:
+      - storageclasses
+    verbs: [ "get", "list", "watch" ]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
diff --git a/deploy/kubernetes/elastic-agent-managed/elastic-agent-managed-role.yaml b/deploy/kubernetes/elastic-agent-managed/elastic-agent-managed-role.yaml
index 0d961215f4e..778a4ba5520 100644
--- a/deploy/kubernetes/elastic-agent-managed/elastic-agent-managed-role.yaml
+++ b/deploy/kubernetes/elastic-agent-managed/elastic-agent-managed-role.yaml
@@ -63,6 +63,10 @@ rules:
     resources:
       - podsecuritypolicies
     verbs: ["get", "list", "watch"]
+  - apiGroups: [ "storage.k8s.io" ]
+    resources:
+      - storageclasses
+    verbs: [ "get", "list", "watch" ]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role

From a161e24963afde07fcad1daa0e6373165d3c81f3 Mon Sep 17 00:00:00 2001
From: MichaelKatsoulis <michaelkatsoulis88@gmail.com>
Date: Tue, 11 Oct 2022 12:18:26 +0300
Subject: [PATCH 2/2] Add changelog

---
 CHANGELOG.next.asciidoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc
index f178d80c735..f8033809cb4 100644
--- a/CHANGELOG.next.asciidoc
+++ b/CHANGELOG.next.asciidoc
@@ -121,7 +121,7 @@
 - Create separate status reporter for local only events so that degraded fleet-checkins no longer affect health on successful fleet-checkins. {issue}1157[1157] {pull}1285[1285]
 - Add success log message after previous checkin failures {pull}1327[1327]
 - Fix inconsistency between kubernetes pod annotations and labels in autodiscovery templates {pull}1327[1327]
-
+- Add permissions to elastic-agent-managed clusterrole to get, list, watch storageclasses {pull}1470[1470]
 ==== New features
 
 - Prepare packaging for endpoint and asc files {pull-beats}[20186]