AAKE: PodSecurityPolicy: unable to admit pod when deploying

Article ID: 234455

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

In our Kubernetes infrastructure, we get the following errors when starting the deployment of Automic:

warningError creating: pods "install-operator-856bf956f8-" is forbidden: PodSecurityPolicy: unable to admit pod: []
 
We have to provide a privileged user for the deployment because the standard user does not have access to deploy the pods.

How can we set this?

Environment

Release: 21.0 and higher

Product: Automic Automation Kubernetes Edition

Environment: Kubernetes environment where a standard user does not have access to deploy the pods

Cause

The default Pod Security Policies in PKS were activated in this Kubernetes environment, which did not allow Helm to deploy the pods.

  • pks-privileged:  Allows privileged access to pod containers, which allows the container to do almost everything a host can do. See Privileged in the Kubernetes PSP documentation for more information.
  • pks-restricted: Restricts privileged access to pod containers.

Information extracted from the VMware documentation.

Resolution

Access to the pod security policy must be granted through a cluster role so that Helm can install Automic.

For this purpose, create a cluster role and a role binding as below:

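# ClusterRole that allows the "use" verb on the pks-privileged pod security policy
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: automic-role
rules:
  - apiGroups:
      - extensions
    resourceNames:
      - pks-privileged
    resources:
      - podsecuritypolicies
    verbs:
      - use

---

# RoleBinding in the default namespace. The group system:serviceaccounts
# contains every service account in the cluster, so the grant applies to
# all of them for pods created in this namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: automic-rolebinding
  namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: automic-role
subjects:
  - kind: Group
    apiGroup: rbac.authorization.k8s.io
    name: system:serviceaccounts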
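
The role binding above grants the group system:serviceaccounts, which contains every service account in the cluster, use of pks-privileged in the default namespace. As an added example (not part of the original article or the vendor's instructions), the same cluster role can be bound only to the service account that runs the Automic pods; the service account name automic-install and the deployment name in the comment are assumptions to replace with the values from your installation.

```yaml
# Added example: same grant as automic-rolebinding, limited to one service account.
#
# To find the service account the blocked pod runs as, read it from the pod
# template (deployment name inferred from the pod name in the error message):
#   kubectl -n default get deployment install-operator \
#     -o jsonpath='{.spec.template.spec.serviceAccountName}'
# An empty result means the pod uses the namespace's "default" service account.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: automic-rolebinding
  namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: automic-role            # the ClusterRole from this article (use on pks-privileged)
subjects:
  # ServiceAccount subjects are identified by name and namespace, without apiGroup.
  - kind: ServiceAccount
    name: automic-install       # hypothetical name, replace with the chart's service account
    namespace: default
  # Add one entry per service account if the chart's pods use several.
```

With this binding, other workloads in the default namespace stay on the restricted policy unless they are bound separately.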