Open benbonnet opened 2 weeks ago
I'm having the same issue with the 20.13.1 version in eu-west-2 region. I'm not able to see the resources, and also not able to access the cluster via CLI using kubectl. In my case I just used a previous working version (19.15.4) and it did work.
By the way @bryantbiggs, where did you create the manual entry?
I don't know what you mean by a "manual entry" - the issue you are experiencing is that you haven't given your IAM identity access to the cluster
I don't know what you mean by a "manual entry" - the issue you are experiencing is that you haven't given your IAM identity access to the cluster
Sorry the question was for @benbonnet :) ... And I'm using the same user who created the cluster. It did work with 19.15.4, but not with 20.13.1
Thats because in v19.x the cluster creator was automatically added to the cluster as admin, but that is no longer the case now that cluster access entry is available. you will need to opt in to providing your IAM entity access to the cluster
Thanks @bryantbiggs !
I'm going to test it right away!!
Description
Trying out a basic kms + karpenter setup (copy pasted from the ./examples folder), in eu-west-3 (in case it matters). Everything works fine, besides the access/visibility of resources within the control plane within the aws console.
Versions
Module version [Required]: 20.13.1
Terraform version: v1.5.7
Provider version(s): hashicorp/aws : 5.53.0 hashicorp/helm : 2.13.2 alekc/kubectl : 2.0.4
Reproduction Code
N/A, copy pasted the eks + karpenter from example
Steps to reproduce the behavior:
Creates a cluster in eu-west-3. Once finished, go to aws console, enter the cluster, view the no access messages :
Create the access entry manually for arn:aws:iam:xxx:root with AmazonEKSViewPolicy, save it : everything is then okay. kubernetes resources appears, so does the node groups and all; no more "no access messages"
Expected behavior
Having everything configured for the control plane to be fully available with no extra manual steps within the aws console's eks cluster pages
Actual behavior
Having to create the access entry manually to view the resources within the aws console's cluster pages