learn-terraform-provision-eks-cluster icon indicating copy to clipboard operation
learn-terraform-provision-eks-cluster copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

secrets is forbidden

Open mrkeyiano opened this issue 5 years ago • 1 comments

after following the whole process, and setting up the Kubernetes dashboard: i got this in the notifications:

secrets is forbidden: User "system:serviceaccount:kube-system:service-controller" cannot list resource "secrets" in API group "" in the namespace "default"

mrkeyiano avatar Oct 08 '20 17:10 mrkeyiano

Hi @mrkeyiano , did you run the right command to generate the authorization token? It seems like the token you generated is for the default namespace instead of the kube-system namespace.

$ kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep service-controller-token | awk '{print $1}')

Name:         service-controller-token-46qlm
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: service-controller
              kubernetes.io/service-account.uid: dd1948f3-6234-11ea-bb3f-0a063115cf22

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1025 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6I...

im2nguyen avatar Oct 09 '20 16:10 im2nguyen