[OpenShift]'oc get nodes --as-user' option does not work
Issue
cluster-reader
role is set for group and added user who has no other roles. This user and all other users in group still are forbidden to get nodes ONLY when using the--as=<user-name>
option.
$ oc get nodes --as="user-name" --loglevel=5
I0120 22:42:12.051045 57456 helpers.go:201] server response object: [{
"kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "nodes is forbidden: User \"user-name\" cannot list nodes at the cluster scope: User \"user-name\" cannot list all nodes in the cluster",
"reason": "Forbidden",
"details": {
"kind": "nodes"
},
"code": 403
}]
F0120 22:42:12.051141 57456 helpers.go:119] Error from server (Forbidden): nodes is forbidden: User "user-name" cannot list nodes at the cluster scope: User "user-name" cannot list all nodes in the cluster
Environment
- OpenShift Container Platform 3.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.