I have successfully setup Rancher (v2.8.2). When trying to deploy a new EKS cluster I am getting this error:

Admission webhook "<http://rancher.cattle.io.clusterroletemplatebindings.management.cattle.io|rancher.cattle.io.clusterroletemplatebindings.management.cattle.io>" denied the request: user "system:serviceaccount:cattle-system:rancher" (groups=["system:serviceaccounts" "system:serviceaccounts:cattle-system" "system:authenticated"]) is attempting to grant RBAC permissions not currently held: {NonResourceURLs:["*"], Verbs:["*"]}

It appears there is no service account, clusterrole or clusterrolebinding for

system:serviceaccount:cattle-system

. I'm not finding much about what rancher is doing with RBAC inside the cluster. Does anyone have any info on this? Why is Rancher not creating the service account / clusterrole / clusterrolebinding it needs to create a cluster? Additionally when a cluster is successful but in error state because of RBAC how do I get the cluster into an active state? It seems to indefinitely stay in an error state. I do not see any re-tries and thus far deleting a cluster & re-deploy is the way I've seen to change the state. In this particular case though that would not fix anything as the issue is RBAC rancher specific.