Cluster Rolebinding not working for GKE Cluster + OIDC settings


I followed all the instructions from here: https://console.cloud.google.com/kubernetes/clusters/details/us-central1-c/myapp/details?project=plenary-axon-332219&pli=1

So far I can log in successfully, but I cannot list any pods. kubectl get pods output

I tried checking different formats for the cluster role binding, but there is still no difference.

  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
    name: people-who-view-secrets
  subjects:
  - kind: User
    name: Issuer_URI#email
    apiGroup: rbac.authorization.k8s.io
  roleRef:
    kind: ClusterRole
    name: secret-viewer
    apiGroup: rbac.authorization.k8s.io

Has anyone seen this?

There is 1 best solution below


You need to add the resources to manipulate:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: secret-viewer
rules:
- apiGroups: [""]
  # The resource type for which access is granted
  resources: ["secrets", "pods"] # here, or namespaces, nodes
  # The permissions granted by the ClusterRole
  verbs: ["get", "watch", "list"]
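
The following is an added example, not part of the original question or answer: a simplified Python model of the RBAC decision behind `kubectl get pods`, showing why a binding to `secret-viewer` denies listing pods until the role's rules include `pods`, and that the subject name is compared as an exact string. It assumes the original `secret-viewer` role listed only `secrets`; the user string and the `can_i` and `rule_allows` helpers are constructed for illustration.

```python
# Simplified model of the Kubernetes RBAC check (added example, not API-server code).
# Covers ClusterRoleBindings to User subjects only; no Groups, no resourceNames.

def rule_allows(rule, api_group, resource, verb):
    """A rule matches when apiGroup, resource and verb all match ('*' is a wildcard)."""
    def hit(values, wanted):
        return "*" in values or wanted in values
    return (hit(rule.get("apiGroups", []), api_group)
            and hit(rule.get("resources", []), resource)
            and hit(rule.get("verbs", []), verb))

def can_i(user, verb, resource, roles, bindings, api_group=""):
    """True if a ClusterRoleBinding naming `user` references a ClusterRole with a matching rule."""
    for b in bindings:
        names = [s["name"] for s in b.get("subjects", []) if s.get("kind") == "User"]
        if user not in names:          # exact, case-sensitive string comparison
            continue
        role = roles.get(b["roleRef"]["name"])
        if role and any(rule_allows(r, api_group, resource, verb) for r in role["rules"]):
            return True
    return False                       # RBAC is deny-by-default

# Constructed sample data; the user name is a placeholder in the page's Issuer_URI#email form.
USER = "https://issuer.example#alice@example.com"
BINDING = {"metadata": {"name": "people-who-view-secrets"},
           "subjects": [{"kind": "User", "name": USER}],
           "roleRef": {"kind": "ClusterRole", "name": "secret-viewer"}}
# Assumed state before the answer's change: the role grants secrets only.
SECRETS_ONLY = {"secret-viewer": {"rules": [
    {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "watch", "list"]}]}}
# State after the answer's change: pods added to the same rule.
WITH_PODS = {"secret-viewer": {"rules": [
    {"apiGroups": [""], "resources": ["secrets", "pods"], "verbs": ["get", "watch", "list"]}]}}

if __name__ == "__main__":
    print("secrets-only role, list pods:", can_i(USER, "list", "pods", SECRETS_ONLY, [BINDING]))
    print("role with pods, list pods:   ", can_i(USER, "list", "pods", WITH_PODS, [BINDING]))
    print("different user string:       ", can_i("alice@example.com", "list", "pods", WITH_PODS, [BINDING]))
```

Against a real cluster, `kubectl auth can-i list pods --as '<user string>'` answers the same question for the exact user name the API server sees.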