I am trying to create an Istio Virtualservice. However, I am getting the below error, despite me having the cluster-admin role bound to.
UPGRADE FAILED: could not get information about the resource: virtualservices.networking.istio.io "admin-ui" is forbidden: User "vaish@admin" cannot get resource "virtualservices" in API group "networking.istio.io" in the namespace "onboarding"
I also tried to create a new Clusterrole as below and create a binding to my user, which also does not yield any result.
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: istio-editor-role
labels:
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rules:
- apiGroups: ["config.istio.io", "networking.istio.io", "rbac.istio.io", "authentication.istio.io", "security.istio.io"]
resources: ["virtualservices"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"
kubectl create clusterrolebinding istio-editor-binding --clusterrole=istio-editor-role --user=vaish@admin
The solution was to add the user to the cluster-admin role