Details
-
Bug
-
Resolution: Won't Do
-
Blocker
-
None
-
None
-
None
Description
When opening any bookinfo Service Details Page Overview tab, it fails to load data and errors are shown:
"virtualservices.networking.istio.io is forbidden: User "foo" cannot list resource "virtualservices" in API group "networking.istio.io" in the namespace "bookinfo""
Steps to reproduce:
- Install SM 1.1 with Kiali 1.12.5 and Bookinfo.
- Create a "foo" user with view only permission on "bookinfo". "oc adm policy add-cluster-role-to-user basic-user foo", oc adm policy add-role-to-user view foo -n bookinfo.
- Open Service Details page for any service from bookinfo. It crashes to open Overview tab.
And error notifications are displayed:
virtualservices.networking.istio.io is forbidden: User "foo" cannot list resource "virtualservices" in API group "networking.istio.io" in the namespace "bookinfo"'
gateways.networking.istio.io is forbidden: User "foo" cannot list resource "gateways" in API group "networking.istio.io" in the namespace "bookinfo"
Expected behaviour:
Notifications should be shown as info message and Service Details should be loaded.
With clogged in lusteradmin role user Kiali works fine.
Attachments
Issue Links
- causes
-
OSSM-173 NoN cluster-admin User configuration
-
- Closed
-