kube2iam - Invalid role: does not match annotated role


A couple of things I can think of:

  1. It could be a problem where your node role e2e3-XXXXXXXXXX is not able to assume the ui-eb-instance role. You do have the trust relationship between the 2 roles, but did you attach any permission policy to e2e3-XXXXXXXXXX?

    You can put or attach a permission policy and you can start with a policy that allows AssumeRole permissions for all the resources:

        {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Action": [
                "sts:AssumeRole"
              ],
              "Effect": "Allow",
              "Resource": "*"
            }
          ]
        }

    This is also described in the kube2iam docs.

  2. It could also be that your base role ARN is not being autodiscovered with --auto-discover-base-arn, so you could also try: --base-role-arn=arn:aws:iam::xxxxxxx:role/
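
The two checks from the answer above can be run offline against the policy documents, as an added example that is not part of the original answer or of kube2iam. It is a simplified evaluator (Allow statements only, no Deny or Condition handling); the account id, the trust policy and all function names are constructed for illustration, and it assumes a bare role name in the annotation is resolved by prefixing the base role ARN.

```python
import fnmatch

BASE_ARN = "arn:aws:iam::123456789012:role/"   # constructed account id
NODE_ARN = BASE_ARN + "e2e3-XXXXXXXXXX"         # node role name from the question
PAGE_POLICY = {"Version": "2012-10-17", "Statement": [  # policy from the answer
    {"Action": ["sts:AssumeRole"], "Effect": "Allow", "Resource": "*"}]}
TRUST = {"Version": "2012-10-17", "Statement": [        # constructed trust policy
    {"Effect": "Allow", "Principal": {"AWS": NODE_ARN}, "Action": "sts:AssumeRole"}]}

def _as_list(v):
    return v if isinstance(v, list) else [v]

def resolve_role_arn(annotation, base_arn):
    """Assumed resolution: full ARNs pass through, bare names get the base ARN."""
    return annotation if annotation.startswith("arn:") else base_arn + annotation

def _allow_statements(policy):
    """Allow statements whose Action covers sts:AssumeRole (wildcards honoured)."""
    return [s for s in _as_list(policy.get("Statement", []))
            if s.get("Effect") == "Allow"
            and any(fnmatch.fnmatchcase("sts:AssumeRole", a)
                    for a in _as_list(s.get("Action", [])))]

def permission_allows(policy, target_arn):
    """Node role side: some Allow statement covers sts:AssumeRole on target_arn."""
    return any(fnmatch.fnmatchcase(target_arn, r)
               for s in _allow_statements(policy)
               for r in _as_list(s.get("Resource", [])))

def trust_allows(trust, node_arn):
    """Target role side: the trust policy names the node role as an AWS principal."""
    for s in _allow_statements(trust):
        p = s.get("Principal", {})
        if isinstance(p, dict) and node_arn in _as_list(p.get("AWS", [])):
            return True
    return False

def diagnose(annotation, base_arn, node_arn, node_policy, trust):
    """Return the list of problems; an empty list means both halves line up."""
    target, problems = resolve_role_arn(annotation, base_arn), []
    if not target.startswith("arn:aws:iam::"):
        problems.append("base role ARN missing: resolved %r" % target)
    if not permission_allows(node_policy, target):
        problems.append("node role lacks sts:AssumeRole on " + target)
    if not trust_allows(trust, node_arn):
        problems.append("trust policy does not name " + node_arn)
    return problems

if __name__ == "__main__":
    print(diagnose("ui-eb-instance", BASE_ARN, NODE_ARN, PAGE_POLICY, TRUST))
```

A permission policy whose `Resource` is the target role's full ARN instead of `*` passes the same check while granting less.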