Open stevelipinski opened 2 years ago
Hi Steve,
I am not able to replicate this issue. With a user that has the permissions for roles and rolebinding (rbac.authorization.k8s.io API group) and for serviceaccounts (core API group), I have no issue deploying the Operator with the rule described above. Would you ming opening a Support ticket with us (Redis) and, in this ticket, give a little more information about what permissions were set on your user? Thanks. -- Laurent
The following Role rule can cause problems with users that are not full cluster admin:
This appears to be due to the fact that serviceaccount resources are not part of the rbac.authorization.k8s.io apiGroup and vice-versa with roles and rolebindings and the v1/null apiGroup .
On an env where the user does not have full cluster-admin rights, this error can occur:
Can the rule be split out properly into two separate rules, one for serviceaccounts and another for roles and rolebindings with the appropriate apiGroup for each?