查看helm和kustomize组件类型的应用资源拓扑图时由于K8S权限不够导致报错

[pbxie]

错误信息如下：
collector.go:165] query leaf node resource apiVersion=kustomize.toolkit.fluxcd.io/v1beta2 kind=Kustomization namespace=test name=demo-kustomize2 failure deployments.apps is forbidden: User "xxxxx" cannot list resource "deployments" in API group "apps" at the cluster scope, skip this resource

User "xxxxx"这个帐号在test这个namespace下是具有deployments的读，写权限的，配置的是rolebinding，但由于公司规则并没有配置相关的deployments的clusterRolebinding，所以才导致了上述报错。

有什么办法可以在不配置clusterRolebinding的情况下解决上述报错的问题？

[dhiguero]

Hi! To maintain the underlying RBAC rules for the user creating an application, you should enable KubeVela to impersonate the target user when creating the resources. To do that, follow the installation instructions available at: https://kubevela.io/docs/platform-engineers/auth/basic/#installation

helm upgrade --install kubevela kubevela/vela-core --create-namespace -n vela-system --set authentication.enabled=true --set authentication.withUser=true --wait

For more information, check Partial Identity Impersonation