The minimum role needed to create clusterrolebinding is the
"containers.admin" role.
This is how the actual full error looks like:
Could not create clusterrolebinding. GKE role "containers.admin" required to create resources.
Error from server (Forbidden): clusterrolebindings.rbac.authorization.k8s.io is forbidden: User "lili" cannot create clusterrolebindings.rbac.authorization.k8s.io at the cluster scope: Required "container.clusterRoleBindings.create" permission.
Full output:
Error from server (Forbidden): clusterrolebindings.rbac.authorization.k8s.io is forbidden: User "lili" cannot create clusterrolebindings.rbac.authorization.k8s.io at the cluster scope: Required "container.clusterRoleBindings.create" permission.
Open to suggestions about if we should include the k8s errors, or does it make it harder to see the actual error we send?
The minimum role needed to create clusterrolebinding is the "containers.admin" role.
This is how the actual full error looks like:
Open to suggestions about if we should include the k8s errors, or does it make it harder to see the actual error we send?