If you do not have sufficient permissions on the vSphere Namespace, you cannot connect to the Supervisor Cluster or to a Tanzu Kubernetes cluster as a vCenter Single Sign-On user.
Problem
The vSphere Plugin for kubectl returns the error message Error from server (Forbidden)
when you attempt to connect to a Supervisor Cluster or a Tanzu Kubernetes cluster as a vCenter Single Sign-On user.
Cause
You do not have sufficient permissions on the vSphere Namespace, or do not have cluster access.
Solution
If you are a DevOps engineer who operates the cluster, verify with your vSphere administrator that you have been granted Edit permissions for the vSphere Namespace. See Create and Configure a vSphere Namespace.
If you are a developer who is using the cluster to deploy workloads, verify with your cluster administrator that you have been granted cluster access. See Grant Developer Access to Tanzu Kubernetes Clusters.