Question

Forbidden!Configured service account doesn't have access. Service account may have been revoked. User "system:serviceaccount:default:default" cannot get services in the namespace "mycomp-services-process"

I created a new namespace called "mycomp-service-process" and checked the issue but again it shows a message like this:

Message: Forbidden!Configured service account doesn't have access. Service account may have been revoked. User "system:serviceaccount:mycomp-services-process:default" cannot get services in the namespace "mycomp-services-process"

Answer 1

Your approach is wrong here. Namespace is not the issue. Here the first error is that of the srviceaccount in the default namespace is unable to get the services. You should assign a role to that user using clusterrolebinding.

Using min. privileges, create a role to access and list services:

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  namespace: default
  name: service-reader
rules:
- apiGroups: [""] # "" indicates the core API group
  resources: ["services"]
  verbs: ["get", "watch", "list"]

This will create a clusterrole which can list, get and watch services. Now you can use this clusterrole to create a clusterrolebinding:

kubectl create clusterrolebinding service-reader-pod \
  --clusterrole=service-reader  \
  --serviceaccount=default:default

Here the service-reader-pod is the name of clusterrolebinding and it assigns the service-reader clusterrole to the default serviceaccount in default namespace. Follow similar steps to rectify your second error.

In this case I created clusterrole and clusterrolebinding but you might want to create a roleand rolebinding instead. You can check the documentation in detail here