I have the following RoleBinding (it was deployed by Helm:
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
annotations:
meta.helm.sh/release-name: environment-namespaces
meta.helm.sh/release-namespace: namespace-metadata
creationTimestamp: "2021-04-23T17:16:50Z"
labels:
app.kubernetes.io/managed-by: Helm
name: SA-DevK8s-admin
namespace: dev-my-product-name-here
resourceVersion: "29221536"
selfLink: /apis/rbac.authorization.k8s.io/v1/namespaces/dev-my-product-name-here/rolebindings/SA-DevK8s-admin
uid: 4818d6ed-9320-408c-82c3-51e627d9f375
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: admin
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: User
name: [email protected]
When I login to the cluster as [email protected] and run kubectl get pods -n dev-my-product-name-here it get the following error:
Error from server (Forbidden): pods is forbidden: User "[email protected]" cannot list resource "pods" in API group "" in the namespace "dev-my-product-name-here"
Shouldn't a user who has the ClusterRole of admin in a namespace be able to list the pods for that namespace?
