Hi Julio, the following works for me: # oc new-project project1 # oc create serviceaccount inciga -n project1 # oc policy add-role-to-user admin system:serviceaccounts:project1:inciga -n project1 # curl -k -H "Authorization: Bearer $(oc sa get-token inciga -n project1)" -H "Content-Type: application/json" https://192.168.42.199:8443/api/v1/namespaces/project1/replicationcontrollers
Regards, Frédéric On Thu, Oct 19, 2017 at 4:58 PM, Julio Saura <[email protected]> wrote: > yes ofc > > oc create serviceaccount icinga -n project1 > > oadm policy add-cluster-role-to-user admin system:serviceaccounts: > project1:icinga > > oadm policy reconcile-cluster-roles —confirm > > and then dump the token > > oc serviceaccounts get-token icing > > > ty frederic! > > i do login with curl but i get > > { > "kind": "Status", > "apiVersion": "v1", > "metadata": {}, > "status": "Failure", > "message": "User \"system:serviceaccount:project1:icinga\" cannot list > replicationcontrollers in project \”project1\"", > "reason": "Forbidden", > "details": { > "kind": "replicationcontrollers" > }, > "code": 403 > } > > > > > > El 19 oct 2017, a las 16:55, Frederic Giloux <[email protected]> > escribió: > > Hi Julio, > > Could you copy the commands you have used? > > Regards, > > Frédéric > > On 19 Oct 2017 11:43, "Julio Saura" <[email protected]> wrote: > >> Hello >> >> i am trying to create a sa for accessing rest api with token .. >> >> i have followed the doc steps >> >> creating the account, applying admin role to that account and getting the >> token >> >> trying to access replicacioncontroller info with bearer in curl, i can >> auth into but i get i have no permission to list rc on the project >> >> i also did a reconciliate role on cluster >> >> i also logged in with oc login passing token as parameter, i log in but >> it says i have no projects .. >> >> what else i am missing? >> >> ty >> >> >> >> _______________________________________________ >> users mailing list >> [email protected] >> http://lists.openshift.redhat.com/openshiftmm/listinfo/users >> > > -- *Frédéric Giloux* Senior Middleware Consultant Red Hat Germany [email protected] M: +49-174-172-4661 redhat.com | TRIED. TESTED. TRUSTED. | redhat.com/trusted ________________________________________________________________________ Red Hat GmbH, http://www.de.redhat.com/ Sitz: Grasbrunn, Handelsregister: Amtsgericht München, HRB 153243 Geschäftsführer: Paul Argiry, Charles Cachera, Michael Cunningham, Michael O'Neill
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
