OLM GUI does not have permission to list its OLM CRDs #597

jsafrane · 2018-12-04T13:53:47Z

On current Kubernetes cluster (see below), "Kubernetes Marketplace" page shows:

Restricted Access
You don't have access to this section due to cluster policy.
packagemanifests.packages.apps.redhat.com is forbidden: User "system:serviceaccount:kube-system:default" cannot list resource "packagemanifests" in API group "packages.apps.redhat.com" at the cluster scope

I installed OLM this way:

Run Kubernetes using hack/local-up-cluster.sh (~today-ish master)
Install OLM using kubectl create -f deploy/upstream/manifests/latest/ (with current OLM master)
Run console using ./scripts/run_console_local.sh

The text was updated successfully, but these errors were encountered:

jsafrane · 2018-12-04T13:54:47Z

I worked around this issue by adding cluster-admin role to kube-system/default

ecordell · 2018-12-10T23:08:56Z

Hi @jsafrane

We provide two ClusterRoles that you can bind a user to: aggregate-olm-view and aggregate-olm-view. They are automatically aggregated to the view and edit roles, if those are appropriate to use.

cluster-admin works as well, but these will let you use OLM types without granting that high.

jsafrane mentioned this issue Dec 4, 2018

package-server pod keeps crashing #598

Closed

ecordell closed this as completed Dec 10, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

OLM GUI does not have permission to list its OLM CRDs #597

OLM GUI does not have permission to list its OLM CRDs #597

jsafrane commented Dec 4, 2018

jsafrane commented Dec 4, 2018

ecordell commented Dec 10, 2018

OLM GUI does not have permission to list its OLM CRDs #597

OLM GUI does not have permission to list its OLM CRDs #597

Comments

jsafrane commented Dec 4, 2018

jsafrane commented Dec 4, 2018

ecordell commented Dec 10, 2018