cluster-admin permissions seem to be impossible

Posted on

Hello,

I am having issues with attaching a cluster-admin role to any user in my account.

No matter what I do I cannot get an admin role attached to any user.

Joels-MacBook-Pro:tmp joelmora$ oc create clusterrolebinding registry-controller --clusterrole=cluster-admin --user=jmora@scalyr.com

Error from server (Forbidden): clusterrolebindings.rbac.authorization.k8s.io is forbidden: User "jmora@scalyr.com" cannot create clusterrolebindings.rbac.authorization.k8s.io at the cluster scope: no RBAC policy matched

Joels-MacBook-Pro:tmp joelmora$ oc create clusterrolebinding your-user-cluster-admin-binding --clusterrole=cluster-admin --user=jmora@scalyr.com

Error from server (Forbidden): clusterrolebindings.rbac.authorization.k8s.io is forbidden: User "jmora@scalyr.com" cannot create clusterrolebindings.rbac.authorization.k8s.io at the cluster scope: no RBAC policy matched

Joels-MacBook-Pro:tmp joelmora$ oc create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --serviceaccount=default:cluster-admin

Error from server (Forbidden): clusterrolebindings.rbac.authorization.k8s.io is forbidden: User "jmora@scalyr.com" cannot create clusterrolebindings.rbac.authorization.k8s.io at the cluster scope: no RBAC policy matched

Joels-MacBook-Pro:tmp joelmora$ oc create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --serviceaccount=default:cluster-admin

Error from server (Forbidden): clusterrolebindings.rbac.authorization.k8s.io is forbidden: User "jmora@scalyr.com" cannot create clusterrolebindings.rbac.authorization.k8s.io at the cluster scope: no RBAC policy matched