发表新帖
发表新帖

Error from server (Forbidden): error when creating .. : clusterroles.rbac.authorization.k8s.io …: attempt to grant extra privileges:

前端 未结
关注
2 630
小鲜肉
小鲜肉 2021-02-04 02:14

Failed to create clusterroles. <> already assigned as the roles of \"container engine admin\" & \"container engine cluster admin\"

Error from server (Forb
2条回答
  • 無奈伤痛
    無奈伤痛 (楼主)
    2021-02-04 02:45

    Based on https://cloud.google.com/container-engine/docs/role-based-access-control#setting_up_role-based_access_control

    Because of the way Container Engine checks permissions when you create a Role or ClusterRole, you must first create a RoleBinding that grants you all of the permissions included in the role you want to create.

    An example workaround is to create a RoleBinding that gives your Google identity a cluster-admin role before attempting to create additional Role or ClusterRolepermissions.

    This is a known issue in the Beta release of Role-Based Access Control in Kubernetes and Container Engine version 1.6.

    So you need to bind your account to a cluster admin role.

    0 讨论(0)
 看不清?
提交回复
热议问题