Menu
I can't figure out whats wrong with my role binding. I keep getting this error while trying to get metrics for my pod.
"pods.metrics.k8s.io "my-pod-name" is forbidden: User "system:serviceaccount:default:default" cannot get resource "pods" in API group "metrics.k8s.io" in the namespace "default""
Here is the Cluster role yaml file
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
namespace: default
name: pod-reader
rules:
- apiGroups: ["", "metrics.k8s.io"] # "" indicates the core API group
resources: ["pods"]
verbs: ["get", "watch", "list"]
Then I ran this command
kubectl create clusterrolebinding pod-reader \
--clusterrole=pod-reader \
--serviceaccount=default:default
257
ClusterRole & ClusterRolebinding are non-namespaced resources. So, remove the namespace line from your YAML file.
Alternatively, use Role & RoleBinding if you want to scope to a namespace.
60
answered Oct 30 '25 06:10
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
