This message was deleted.

For a Rancher API request like that, you would need to use a bearer token - do you have a token? https://rancher.com/docs/rancher/v2.6/en/user-settings/api-keys/#creating-an-api-key

Yes. The Rancher-generated kubeconfig has a token that's used as a bearer.

kubectl exec

has two API calls through Rancher. The first request is a

GET

request to list all the containers in a pod, and the second is a

POST

request to run a command on the found container. The

GET

request returns a

200

status, while the

POST

request returns a

403

. This means the token is working for some API requests.

Does the same command work if you do it from cluster explorer? from the kubectl shell in the top nav?

Yes the same

kubectl exec

command works from the Rancher shell in the cluster explorer. I’m only running into this issue on my local machine using the generated kubeconfig for that same cluster.