Provide access privilege required for cncf.kubernetes operators/executors
#40210
Comments
pykenny
added
kind:bug
|
Sure. Marked it as good-first-issue and you are free to contribute it, otherwise it will have to wait for someone to volunteer, pick it up and contribute. |
|
@pykenny A good start might be the k8s permissions in the Helm chart, e.g. https:/apache/airflow/blob/providers-cncf-kubernetes/8.3.4/chart/templates/rbac/pod-launcher-role.yaml (and others in that directory). It's not exactly the k8s operators, but it should be a similar perms profile as what is needed to launch a task pod from the k8s executor. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What do you see as an issue?
In
cncf-kubernetesprovider's operator section, it describes how each operator work, but does not mention what type of access privileges are required to run these operators.Same kind of details may be needed for the two types of Kubernetes executors as well.
Solving the problem
Provide privileges on Kubernetes resource required for each operator.
For instance, in 3rd-party
airflow_kubernetes_job_operatorpackage, it lists out all the privileges needed to gain full functionality of their operator in readme, written in RBAC format:Anything else
No response
Are you willing to submit PR?
Code of Conduct
The text was updated successfully, but these errors were encountered: