Cannot access AKS cluster with RBAC enabled

Question

Cannot access AKS cluster with RBAC enabled

Closed this issue 6 years ago · 5 comments

Hi there,

I wanted to try your project on my AKS cluster, but I cannot select anything except context due to missing access.

[none] [none] [none] > context dev
[dev] [none] [none] > pods
Server Error: pods is forbidden: User "clusterUser" cannot list pods at the cluster scope

Here's my ~/.kube/config file:

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: XXXX
    server: https://XXX:443
  name: dev
contexts:
- context:
    cluster: dev
    user: clusterUser_dev
  name: dev
current-context: dev
kind: Config
preferences: {}
users:
- name: clusterUser_dev
  user:
    client-certificate-data: XXX
    client-key-data: XXX
    token: XXX

Answer 1 · 2018-12-17T07:26:54.000Z

I've having the same issue, @nicklan do you have any advice?

Answer 2 · 2019-02-04T08:37:22.000Z

I observe the same issues as well when trying to use click with a RBAC-enabled cluster

Answer 3 · 2019-02-08T19:30:58.000Z

Ohh hah, so AKS wants both a Bearer token, and the client cert/key. I'll need to refactor the auth stuff a bit to make this work, but should have a fix in the near future.

Answer 4 · 2019-02-08T23:35:02.000Z

This is fixed by #96 in my testing. Can any of you pull master, build and test for me that it works for you too? Thanks!

Answer 5 · 2019-02-09T00:38:19.000Z

Everything works perfectly, thanks @nicklan!