Reputation: 85
Namespaces “kube-system” is forbidden
I’m having a problem when I install ebs-csi-driver for AWS EKS I used the account with administratoraccess to install via was console but had an error “namespaces “kube-system” is forbidden: User “eks:addon-manager” cannot patch resource “namespaces” in API group “” in the namespace “kube-system”” I don’t know why the administrator permission can not install add-on. I also tried to create IAM role but follow Link but receive error : Error from server (NotFound): serviceaccounts “ebs-csi-controller-sa” not found
I just started with Kubernetes so don’t know how t resolve, Anyone can help ?
I follow Link
Upvotes: 6
Views: 3643
Answers (2)
Reputation: 3
While creating addon by default it inherit role of nodegroup, by giving permission of "AmazonEKSClusterPolicy" to your nodegroup's role might solve this issue.
Upvotes: 0
Reputation: 21
Had the same issue, after manually adding "patch" permission under namespace rule the installation was completed. I used the following command to edit that resource.
kubectl edit clusterrole eks:addon-manager
Hope this works for you :)
pd: I assume that this is needed only during the installation so after the I removed that permission.
Upvotes: 2
Related Questions
- EKS- Error from server (Forbidden): namespaces is forbidden: User "arn::x/xx" cannot list resource "namespaces" in API group "" at the cluster scope
- AccessDeniedException when calling the EKS Service with Administrator permission
- Can't attach EBS volume to statefulset pod. Wrong fs type, bad option, bad superblock on /dev/XXX, missing codepage or helper program, or other error
- AWS EBS CSI Driver: Could not delete volume ID "vol-XXX": DeleteDisk could not delete volume: UnauthorizedOperation
- InvalidParameterException: Addon version specified is not supported
- Cannot create namespaces in AWS Elastic Kubernetes Service - Forbidden
- EKS Kubernetes cannot list resource "namespaces" in API group "" at the cluster scope
- Adding IAM Group to aws-auth configmap in AWS EKS