You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When the provider is run in an EKS pod, with the IAM assume role setup, that works with the AWS provider too, the provider cannot use the assumed role, the following error is dropped: * failed to load credentials: unable to assume role, {role_arn}: operation error STS: AssumeRole, https response error StatusCode: 403, RequestID: 285fca36-2088-4448-b083-b61f3bc85cfe, api error AccessDenied: User: {temp_role_user} is not authorized to perform: sts:AssumeRole on resource: {role_arn}
AWS provider is able to assume the role without any issue.
I suspect the provider should work the same way as the AWS SDK, that uses the attached ServiceAccount to gather the temporary tokens to assume the role, and then to connect to MSK.
The text was updated successfully, but these errors were encountered:
When the provider is run in an EKS pod, with the IAM assume role setup, that works with the AWS provider too, the provider cannot use the assumed role, the following error is dropped:
* failed to load credentials: unable to assume role, {role_arn}: operation error STS: AssumeRole, https response error StatusCode: 403, RequestID: 285fca36-2088-4448-b083-b61f3bc85cfe, api error AccessDenied: User: {temp_role_user} is not authorized to perform: sts:AssumeRole on resource: {role_arn}
Provider version: 0.7.1
Configuration:
AWS provider is able to assume the role without any issue.
I suspect the provider should work the same way as the AWS SDK, that uses the attached ServiceAccount to gather the temporary tokens to assume the role, and then to connect to MSK.
The text was updated successfully, but these errors were encountered: