-
-
Notifications
You must be signed in to change notification settings - Fork 133
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Provider Cannot Assume Role From EKS #423
Comments
@CSimpiFoN did you find a workaround? |
We also faced this error inside a EKS pod. I am not fully sure, if its the same error, but we kept getting the error message: |
it's cuz the pod has as seen here
workaround is set |
works for me now for 0.8.1 |
When the provider is run in an EKS pod, with the IAM assume role setup, that works with the AWS provider too, the provider cannot use the assumed role, the following error is dropped:
* failed to load credentials: unable to assume role, {role_arn}: operation error STS: AssumeRole, https response error StatusCode: 403, RequestID: 285fca36-2088-4448-b083-b61f3bc85cfe, api error AccessDenied: User: {temp_role_user} is not authorized to perform: sts:AssumeRole on resource: {role_arn}
Provider version: 0.7.1
Configuration:
AWS provider is able to assume the role without any issue.
I suspect the provider should work the same way as the AWS SDK, that uses the attached ServiceAccount to gather the temporary tokens to assume the role, and then to connect to MSK.
The text was updated successfully, but these errors were encountered: