K
Q

Kubernetes RBAC - user has access to get pods but it says 'Unauthorized'

4/10/2020

I have configured keycloak for Kubernetes RBAC.

  • user having access to get pods
vagrant@haproxy:~/.kube$ kubectl auth can-i get pods --user=oidc
Warning: the server doesn't have a resource type 'pods'
yes

vagrant@haproxy:~/.kube$ kubectl get pods --user=oidc
error: You must be logged in to the server (Unauthorized)

my kubeconfig file for the user looks like below

users:
- name: oidc
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1beta1
      args:
      - oidc-login
      - get-token
      - --oidc-issuer-url=https://test.example.com/auth/realms/kubernetes
      - --oidc-client-id=kubernetes
      - --oidc-client-secret=e479f74d-d9fd-415b-b1db-fd7946d3ad90
      - --username=test
      - --grant-type=authcode-keyboard
      command: kubectl

Is there anyway to get this to work?

-- Shash
keycloak
kubernetes
rbac

Similar Questions

Can't install keycloak by helm on kubernetes
Kubernetes container VolumeMounts not found?
How to run/deploy Spring Boot Microservice from IntelliJ into local Kubernetes cluster?
Kubernetes: how autoscaling initial readiness is specified?

1 Answer

4/10/2020

The issue was with the ip address of the cluster. You might have to configure the DNS name if the ip address.

-- Shash
Source: StackOverflow