yes ofc
oc create serviceaccount icinga -n project1
oadm policy add-cluster-role-to-user admin
system:serviceaccounts:project1:icinga
oadm policy reconcile-cluster-roles —confirm
and then dump the token
oc serviceaccounts get-token icing
ty frederic!
i do login with curl but i get
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "User \"system:serviceaccount:project1:icinga\" cannot list
replicationcontrollers in project \”project1\"",
"reason": "Forbidden",
"details": {
"kind": "replicationcontrollers"
},
"code": 403
}
> El 19 oct 2017, a las 16:55, Frederic Giloux <[email protected]> escribió:
>
> Hi Julio,
>
> Could you copy the commands you have used?
>
> Regards,
>
> Frédéric
>
> On 19 Oct 2017 11:43, "Julio Saura" <[email protected]
> <mailto:[email protected]>> wrote:
> Hello
>
> i am trying to create a sa for accessing rest api with token ..
>
> i have followed the doc steps
>
> creating the account, applying admin role to that account and getting the
> token
>
> trying to access replicacioncontroller info with bearer in curl, i can auth
> into but i get i have no permission to list rc on the project
>
> i also did a reconciliate role on cluster
>
> i also logged in with oc login passing token as parameter, i log in but it
> says i have no projects ..
>
> what else i am missing?
>
> ty
>
>
>
> _______________________________________________
> users mailing list
> [email protected] <mailto:[email protected]>
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
> <http://lists.openshift.redhat.com/openshiftmm/listinfo/users>
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
