Closed thestrid3r closed 11 months ago
facing same issue
Got it to work by using a trick, see https://github.com/ruimarinho/gsts/issues/83#issuecomment-1653591082
~/.aws/credentials
is supposed to be empty with gsts@v5. It's a feature because aws cli becomes responsible for managing that via the credentials_process
helper.
There could be a bug (maybe #83) but it's certainly not due to this behavior. Make sure your kubeconfig is updated to the following:
- name: arn:aws:eks:<region>:12345789:cluster/foobar
user:
exec:
apiVersion: client.authentication.k8s.io/v1
args:
- eks
- get-token
- --region
- <region>
- --cluster-name
- foobar
command: aws
Under the hood, this calls aws eks get-token --region <region> --cluster-name foobar
which must work regardless of this kubeconfig. This process calls gsts
in the background, taking care of the re-authentication (if needed).
After updating to the latest version any users have access to multiple AWS accounts and after updating the config file as per latest changes , EKS is looking for auth credentials in ~/.aws/credentials directory which don't have any entry and if we create same entry it's showing as circular dependency .