RBAC for K8s workspace pod
a number of weeks ago, I asked this question in this thread and got an answer to do the specification below:
Thread: helpHow to use K8s SA for RBAC
Error I am getting:
Code in my template:
I appreciate any assistance with this issue!
Thread: helpHow to use K8s SA for RBAC
Error I am getting:
ā Cleaning Up [-10ms]
ā§ Detecting persistent resources
An argument named "service_account_name" is not expected here.
ā Detecting persistent resources [10ms]
ā Cleaning Up [16ms]
template import provision for start: recv import provision: plan terraform: terraform plan: exit status 1
Run 'coder templates push --help' for usage. ā Cleaning Up [-10ms]
ā§ Detecting persistent resources
An argument named "service_account_name" is not expected here.
ā Detecting persistent resources [10ms]
ā Cleaning Up [16ms]
template import provision for start: recv import provision: plan terraform: terraform plan: exit status 1
Run 'coder templates push --help' for usage. Code in my template:
resource "kubernetes_pod" "main" {
count = data.coder_workspace.me.start_count
metadata {
name = "coder-${lower(data.coder_workspace.me.owner)}-${lower(data.coder_workspace.me.name)}"
service_account_name = "coder"
namespace = var.namespace
labels = {
"app.kubernetes.io/name" = "coder-workspace"
"app.kubernetes.io/instance" = "coder-workspace-${lower(data.coder_workspace.me.owner)}-${lower(data.coder_workspace.me.name)}"
"app.kubernetes.io/part-of" = "coder"
// Coder specific labels.
"com.coder.resource" = "true"
"com.coder.workspace.id" = data.coder_workspace.me.id
"com.coder.workspace.name" = data.coder_workspace.me.name
"com.coder.user.id" = data.coder_workspace.me.owner_id
"com.coder.user.username" = data.coder_workspace.me.owner
}
annotations = {
"com.coder.user.email" = data.coder_workspace.me.owner_email
}
}resource "kubernetes_pod" "main" {
count = data.coder_workspace.me.start_count
metadata {
name = "coder-${lower(data.coder_workspace.me.owner)}-${lower(data.coder_workspace.me.name)}"
service_account_name = "coder"
namespace = var.namespace
labels = {
"app.kubernetes.io/name" = "coder-workspace"
"app.kubernetes.io/instance" = "coder-workspace-${lower(data.coder_workspace.me.owner)}-${lower(data.coder_workspace.me.name)}"
"app.kubernetes.io/part-of" = "coder"
// Coder specific labels.
"com.coder.resource" = "true"
"com.coder.workspace.id" = data.coder_workspace.me.id
"com.coder.workspace.name" = data.coder_workspace.me.name
"com.coder.user.id" = data.coder_workspace.me.owner_id
"com.coder.user.username" = data.coder_workspace.me.owner
}
annotations = {
"com.coder.user.email" = data.coder_workspace.me.owner_email
}
}I appreciate any assistance with this issue!
