kubernetesgoogle-cloud-platformcloudservice-accounts
GCP add serviceaccount permission to k8s cluster
I'm having an issue with a step within my pipeline, more exactly:
gcloud container clusters get-credentials $K8s_CLUSTER_NAME --zone=$GCLOUD_ZONE --project $GCLOUD_PROJECT_ID
Which returns:
ERROR: (gcloud.container.clusters.get-credentials) ResponseError: code=403, message=Required "container.clusters.get" permission(s) for "projects...
I am not sure how to add permissions for this serviceaccount, currently I am using .json key for this serviceaccount in order to push images to gcr.io. Thx
Solution
Apparently the problem was that I've missed a role from that serviceaccount, more exactly:
Kubernetes Engine Admin role
More info about the role:
- Kubectl error: memcache.go:265] couldn’t get current server API group list: Get
- Does NodePort route traffic only to pods that are hosted under node to which we send request? How to achieve that if it's not the case?
- How do I uninstall minikube on a Mac?
- At least one invalid signature was encountered
- How to handle CPU contention for burstable k8s pods?
- Rabbit mq - Error while waiting for Mnesia tables
- Struggling to get good performance for FastAPI on Kubernetes
- How to create kubernetes secret with multiple values for one key?
- Unable to access my minikube cluster from the browser (❗ Because you are using a Docker driver on windows, the terminal needs to be open to run it.)
- Fastify not working on Docker / Kubernetes
- Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "text/html"
- Kubernetes pull from insecure docker registry
- microk8s Connection to port 16443 was refused
- K3s pod container with root privileges
- redis-ha in kubernetes cannot failover back to master
- How to fix CSR denial by csr-auto-approver?
- How to identify the storage space left in a persistent volume claim?
- Can someone explain 'patchesStrategicMerge'
- How to fix disk-pressure on k8s node?
- Difference between PodDisruptionBudget and minimum replicas in HPA
- How to test Kubernetes validation webhook with curl?
- Configure Microk8s
- How do I get a certificate (public and private key) into a windows container in AKS?
- "The connection to the server localhost:8080 was refused - did you specify the right host or port?"
- 1 node(s) had taints that the pod didn't tolerate in kubernetes cluster
- --record has been deprecated, then what is the alternative
- Flink Kubernetes S3 state support
- How to count how many pods were started by namespace each day in PromQL?
- couldn't get current server API group list: the server has asked for the client to provide credentials error: You must be logged in to the server
- access postgres in kubernetes from an application outside the cluster