User "system:serviceaccount:gitlab-runner:default" cannot list resource "events" in API group "" in the namespace "gitlab-runner"
Question
I am trying to set up GitLab Runner with my AWS EKS cluster. I have been able to create the namespaces without any problem. However, when I trigger the GitLab CI/CD pipeline I get the following error:
ERROR: Error retrieving events list: events is forbidden: User "system:serviceaccount:gitlab-runner:default" cannot list resource "events" in API group "" in the namespace "gitlab-runner"
Here is my gitlab-runner-role.yaml file:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: gitlab-runner
  namespace: gitlab-runner
rules:
  # "" is the core API group, which contains pods, secrets and events
  - apiGroups: [""]
    resources: ["pods", "pods/exec", "pods/log", "pods/attach", "secrets", "events"]
    verbs: ["list", "get", "watch", "create", "delete", "update"]
Any help on why I am getting this error and how I can fix the issue would be appreciated.
Answer 1
Score: 1
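You need to create a binding to attach the service account to the role:
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: gitlab-runner-rolebinding
  namespace: gitlab-runner
subjects:
  # The error names system:serviceaccount:gitlab-runner:default, which reads as
  # system:serviceaccount:<namespace>:<name>: account "default" in namespace "gitlab-runner".
  - kind: ServiceAccount
    name: default
    namespace: gitlab-runner
roleRef:
  kind: Role
  name: gitlab-runner
  apiGroup: rbac.authorization.k8s.io
You can check via:
# -n selects the namespace that holds the Role and RoleBinding
kubectl auth can-i list events --as=system:serviceaccount:gitlab-runner:default -n gitlab-runner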
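Added example, not part of the original answer: a simplified model of how the request in the error message is authorized. It shows that the Role alone grants nothing, and that a RoleBinding only helps when its subject is the identity named in the error, `system:serviceaccount:<namespace>:<name>`, here namespace `gitlab-runner` and name `default`. The model covers only a namespaced Role and RoleBinding with literal (non-wildcard) rules; the `binding` helper and the dict layout are assumptions made for illustration.

```python
import re

# Role from the question, written as a dict so no YAML library is needed.
ROLE = {"kind": "Role", "metadata": {"name": "gitlab-runner", "namespace": "gitlab-runner"},
        "rules": [{"apiGroups": [""],
                   "resources": ["pods", "pods/exec", "pods/log", "pods/attach", "secrets", "events"],
                   "verbs": ["list", "get", "watch", "create", "delete", "update"]}]}

def binding(sa_name, sa_namespace):
    """Hypothetical helper: a RoleBinding in namespace gitlab-runner that references ROLE."""
    return {"kind": "RoleBinding",
            "metadata": {"name": "gitlab-runner-rolebinding", "namespace": "gitlab-runner"},
            "subjects": [{"kind": "ServiceAccount", "name": sa_name, "namespace": sa_namespace}],
            "roleRef": {"kind": "Role", "name": "gitlab-runner", "apiGroup": "rbac.authorization.k8s.io"}}

def parse_forbidden(msg):
    """Extract caller identity and request attributes from a 'forbidden' error message."""
    m = re.search(r'User "system:serviceaccount:([^:"]+):([^"]+)" cannot (\S+) resource "([^"]+)" '
                  r'in API group "([^"]*)" in the namespace "([^"]+)"', msg)
    if not m:
        raise ValueError("not a service-account forbidden message")
    keys = ("sa_namespace", "sa_name", "verb", "resource", "group", "namespace")
    return dict(zip(keys, m.groups()))

def allowed(req, roles, bindings):
    """True if a RoleBinding in the request namespace ties the caller to a Role permitting the request."""
    for b in bindings:
        if b["metadata"]["namespace"] != req["namespace"]:
            continue
        if not any(s["kind"] == "ServiceAccount" and s["name"] == req["sa_name"]
                   and s.get("namespace") == req["sa_namespace"] for s in b["subjects"]):
            continue  # binding exists, but for a different identity
        for r in roles:
            if (r["metadata"]["name"], r["metadata"]["namespace"]) != (b["roleRef"]["name"], req["namespace"]):
                continue
            if any(req["group"] in rule["apiGroups"] and req["resource"] in rule["resources"]
                   and req["verb"] in rule["verbs"] for rule in r["rules"]):
                return True
    return False

# Error text from the question.
ERROR = ('events is forbidden: User "system:serviceaccount:gitlab-runner:default" cannot list '
         'resource "events" in API group "" in the namespace "gitlab-runner"')
REQ = parse_forbidden(ERROR)

if __name__ == "__main__":
    print("role only:", allowed(REQ, [ROLE], []))
    print("subject gitlab-runner in default:", allowed(REQ, [ROLE], [binding("gitlab-runner", "default")]))
    print("subject default in gitlab-runner:", allowed(REQ, [ROLE], [binding("default", "gitlab-runner")]))
```

On a live cluster, `kubectl auth can-i` answers the same question against the real API server.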
Answer 2
Score: 1
This seems to be something new with GitLab 16.2 - we didn't have this problem before we upgraded the runners to the latest version.
For our runners, I just added "events" to our helm chart values file (the rbac - rules - resources section) and did a helm upgrade to apply the changes.