jtblin / kube2iam

kube2iam provides different AWS IAM roles for pods running on Kubernetes
BSD 3-Clause "New" or "Revised" License
1.97k stars, 318 forks

Cross account access with kube2iam #278

Open vignesh-v-nutanix opened 3 years ago

vignesh-v-nutanix commented 3 years ago

I have dev and stage AWS accounts which are separately configured with kube2iam. I want to have one of the pods in the stage account create records in dev Route 53. What I have done so far:

[image]

PS: The above ensures that from the console I am able to do a switch role to access the dev account from stage.

The below is the IAM role that one of my pods uses. It already has a few permissions, and this role ARN is used as a pod annotation to allow the pod to communicate with other AWS resources - this is working fine. I have additionally added one policy I created from the first image, which is marked with the arrow.

[image]

[image]

For some reason, the pods in stage don't have permission to contact the dev Route 53.

Any help would be appreciated. Thanks.
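Cross-account access of the kind asked about above has two halves that must agree: the dev-account role's trust policy must name the stage pod role as a principal, and the stage pod role (the one in the kube2iam annotation) must be allowed to call `sts:AssumeRole` on the dev role. The following is an added example, not code from the issue or from kube2iam; the account IDs and role names are constructed placeholders, and the consistency check is a local helper written for this illustration.

```python
import json

# Constructed placeholder ARNs (not taken from the issue).
STAGE_POD_ROLE = "arn:aws:iam::111111111111:role/stage-pod-role"        # in the stage account, annotated on the pod
DEV_ROUTE53_ROLE = "arn:aws:iam::222222222222:role/dev-route53-writer"  # in the dev account, holds the Route 53 rights


def dev_trust_policy(stage_role_arn: str) -> dict:
    """Trust policy attached to the dev-account role: which principal may assume it."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": stage_role_arn},
        "Action": "sts:AssumeRole"}]}


def stage_assume_policy(dev_role_arn: str) -> dict:
    """Permission policy on the stage pod role: which role it may assume (scoped to one ARN, not '*')."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Action": "sts:AssumeRole",
        "Resource": dev_role_arn}]}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _statements(policy: dict) -> list:
    return _as_list(policy.get("Statement", []))


def cross_account_pair_ok(trust: dict, permission: dict, stage_role_arn: str, dev_role_arn: str) -> bool:
    """True only when both halves of the handshake line up: the dev role trusts the stage role
    AND the stage role is explicitly allowed sts:AssumeRole on that dev role."""
    trusted = False
    for st in _statements(trust):
        principal = st.get("Principal")
        aws_principals = principal.get("AWS") if isinstance(principal, dict) else principal
        if (st.get("Effect") == "Allow" and "sts:AssumeRole" in _as_list(st.get("Action"))
                and stage_role_arn in _as_list(aws_principals)):
            trusted = True
    permitted = any(st.get("Effect") == "Allow" and "sts:AssumeRole" in _as_list(st.get("Action"))
                    and dev_role_arn in _as_list(st.get("Resource"))
                    for st in _statements(permission))
    return trusted and permitted


def pod_annotation(stage_role_arn: str) -> dict:
    # kube2iam reads this annotation and serves credentials for THIS role only; it does not
    # chain into the dev role, so the pod itself must call sts:AssumeRole on the dev role.
    return {"iam.amazonaws.com/role": stage_role_arn}


if __name__ == "__main__":
    print(json.dumps(dev_trust_policy(STAGE_POD_ROLE), indent=2))
    print(json.dumps(stage_assume_policy(DEV_ROUTE53_ROLE), indent=2))
```

The credentials kube2iam hands the pod are for the annotated stage role, so the pod must perform the `sts:AssumeRole` call on the dev role itself and use the returned session credentials for the Route 53 request; checking both policy documents with a helper like the one above is a quick way to spot a missing trust relationship before looking for problems elsewhere.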