Comment on page
Kubecost Cluster Roles
Kubecost requires read only RBAC permissions on most cluster resources in order to build a granular cost-model for all resources.
Rolecan be set to make changes in your namespace, while
ClusterRoleis required to make changes across the cluster (and therefore in all namespaces).
cluster-adminis required to install Kubecost. However, this role is not required to modify the deployment afterwards.
watchpermissions over many common Kubernetes pod and pod controller resources such as pods, deployments, StatefulSets as well as other resources which factor into to cost analysis such as namespaces, nodes, events, etc.