How To Resolve ‘Kubernetes API Call Failed Due To Lack Of Permissions’ In Harness CD?


  • Harness Continuous Delivery


  • Infrastructure: Harness Saas
  • OS: Mac, Windows or Linux


I was referring to this guide in Harness docs to learn about the Harness CD. Upon running the pipeline, I get this error -
Invalid request: Failed to get ConfigMap. Code: 403, message:{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"configmaps \"release-abcdef\" is forbidden: User \"system:serviceaccount:sa:harness\" cannot get resource \"configmaps\" in API group \"\" in the namespace \"ns\"","reason":"Forbidden","details":{"name":"release-abcdef","kind":"configmaps"},"code":403}


Harness uses its own ConfigMap for every deployment to store the release history in a Kubernetes cluster. This ConfigMap can be used for Rollback if deployment fails.

Let’s say you are at your very first deployment(ConfigMap is yet to be created by Harness), now you want to make an API call to check if ConfigMap exists and you might get this error, that means API calls are failing due to permissions. You can refer to the following docs:

  1. Kubernetes Versioning and Annotations in CG
  2. Kubernetes Releases and Versioning in NG

Check for the permissions and try again.