up ctx unable to connect to self-hosted managed control plane

[jahabibi]

What happened?

When using up ctx to connect to a managed control plane on a self-hosted instance running on EKS it fails to connect to the selected control plane and returns the error Error: the server has asked for the client to provide credentials and locks up. This behavior persists when attempting to explicitly navigate to the control plane by specifying it's path.

~-> kubectl config use-context javid-test@Javid-Labs-Upbound-Host.us-east-2.eksctl.io
~-> up ctx ./default/ctp-test                                                                                                                                                                                                                                                                                   
up: error: ctx.Cmd.Run(): the server has asked for the client to provide credentials

How can we reproduce it?

1. Spin up EKS based spaces host (my cluster is running v1.29.4)
2. Install spaces 1.3.1
3. Create new control plane (up ctp create ctp-test) in default namespace
4. Attempt to connect to new control plane via TUI in up ctx or explicitly via up ctx ./default/ctp-test

What environment did it happen in?

Client: Version: v0.30.0 Go Version: go1.22.2 Git Commit: 0fde460 OS/Arch: linux/amd64 Server: Crossplane Version: v1.15.2-up.1 Spaces Controller Version: 1.3.1

[jaymiracola]

I ran into this as well. The token contains an invalid number of segments error was present in spaces-router/router-control-plane .

[cwilhit]

Investigated with Javid. The reason was because the Space cluster didn't have hub authn/z enabled

[haarchri]

@cwilhit that means the issue can be closed ?