Forbidden Kubernetes resources

Cannot list namespaces or nodes in the Kubernetes dashboard


Errors in the Kubernetes dashboard view:

Kubernetes access error

Kubernetes access error


Generic error:

Kubernetes unknown error

Kubernetes unknown error

Possible causes

The service account you have connected in Codefresh does not have enough permissions for your cluster.

Codefresh accesses your Kubernetes cluster via the standard Kubernetes API. As such, to work with the cluster, Codefresh needs correct RBAC privileges.


To moinitor the cluster, the service account used by Codefresh should have at least view privileges, and to also deploy to the cluster, the service account requires additional privileges.

Check the following:

  1. What service account Codefresh uses
  2. What role is assigned to this service account
  3. What access rights are possible with that role

You can see the role access with the standard kubectl commands:

kubectl get clusterrole codefresh-role -o yaml

Make sure that the privileges are at least those described in the integration page:

See The proper secure way and The proper/secure way for Kubernetes Cluster 1.24+.

Troubleshooting common issues