Hello, I’m trying to provide users with list namespace permissions. I’ve created the project_template as such:
`resource "rancher2_role_template" "project-developer-read-only" {
context = "project"
name = "Project Developer (read-only)"
rules {
api_groups = [""]
resources = [
"namespaces",
]
verbs = [
"get",
"list",
"watch"
]
}
role_template_ids = [
"view"
]
}`
Yet there might be some kind of orphaned resource because when user tries to list namespace via
kubectl get ns
They are getting following error:
Error from server (Forbidden): namespaces is forbidden: User "u-vmt27up3ma" cannot list resource "namespaces" in API group "" at the cluster scope: RBAC: clusterrole.rbac.authorization.k8s.io "p-52rgj-namespaces-readonly" not found
My question is, what kind or resource is this (prefixed with p-) and how can I find it in API and delete or detach it from users?