RBAC error when creating resource

[googs1025]

I followed this document to create it, but I found that the rbac permissions are insufficient. How do I modify the role permissions or serviceaccount?

root@VM-0-3-ubuntu:/home/ubuntu/argo# kubectl get pods -nargo
NAME                                   READY   STATUS    RESTARTS   AGE
argo-server-8577c7c558-lh6t7           1/1     Running   0          20m
httpbin-6c989cbc8c-f86wr               1/1     Running   0          20m
k8s-jobs-6n9wg                         0/1     Error     0          14m
minio-6b665ffb45-gq9n6                 1/1     Running   0          20m
workflow-controller-76ffbdcf8f-vlwwc   1/1     Running   0          20m
root@VM-0-3-ubuntu:/home/ubuntu/argo# kubectl logs -f k8s-jobs-6n9wg  -nargo
time="2024-07-01T00:41:39.821Z" level=info msg="capturing logs" argo=true
time="2024-07-01T00:41:39.856Z" level=info msg="Starting Workflow Executor" version=v3.5.8
time="2024-07-01T00:41:39.859Z" level=info msg="Using executor retry strategy" Duration=1s Factor=1.6 Jitter=0.5 Steps=5
time="2024-07-01T00:41:39.859Z" level=info msg="Executor initialized" deadline="0001-01-01 00:00:00 +0000 UTC" includeScriptOutput=false namespace=argo podName=k8s-jobs-6n9wg templateName=pi-tmpl version="&Version{Version:v3.5.8,BuildDate:2024-06-18T03:43:17Z,GitCommit:3bb637c0261f8c08d4346175bb8b1024719a1f11,GitTag:v3.5.8,GitTreeState:clean,GoVersion:go1.21.10,Compiler:gc,Platform:linux/amd64,}"
time="2024-07-01T00:41:39.867Z" level=info msg="Loading manifest to /tmp/manifest.yaml"
time="2024-07-01T00:41:39.867Z" level=info msg="kubectl create -f /tmp/manifest.yaml -o json"
Error from server (Forbidden): error when creating "/tmp/manifest.yaml": jobs.batch is forbidden: User "system:serviceaccount:argo:default" cannot create resource "jobs" in API group "batch" in the namespace "argo"
time="2024-07-01T00:41:40.822Z" level=info msg="sub-process exited" argo=true error="<nil>"
Error: exit status 1

[agilgur5]

You can set a serviceAccountName per Workflow and per template