You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi All,
I am trying to deploy to EKS from CodeBuild. It is using a service role "codebuild-checking-service-role". I have tried adding this service role in configmap aws-auth. I have tried adding it under mapRoles: section, as well as also tried with it uner mapUsers: section (following some sugestions). But in both case it is giving an error - You must be logged in to the server (Unauthorized)
Since it is creating a dynamic role binding , is it sufficient to add on service role arn i.e. for the caller identity it shows arn:aws:sts::11111111111:assumed-role/codebuild-checking-service-role/AWSCodeBuild-b8e28caf-28f5-4eec-bda5-a3ea4174da26 ; since it is dynamic value how will it work?
2020/07/30 18:16:18 Running command aws sts get-caller-identity --
20 | {
21 | "UserId": "AROA2TWYKNW7S2GT3EEBP:AWSCodeBuild-b8e28caf-28f5-4eec-bda5-a3ea4174da26",
22 | "Account": "11111111111",
23 | "Arn": "arn:aws:sts::11111111111:assumed-role/codebuild-checking-service-role/AWSCodeBuild-b8e28caf-28f5-4eec-bda5-a3ea4174da26"
24 | }
25 |
26 | [Container] 2020/07/30 18:16:24 Running command aws eks update-kubeconfig --name <---> --region <--->
27 | Added new context arn:aws:eks:ap-south-1:729524366783:cluster/eks-digital to /root/.kube/config
28 |
29 | [Container] 2020/07/30 18:16:24 Running command aws eks update-kubeconfig --name <---> --region <---> --role-arn arn:aws:iam::11111111111:role/service-role/codebuild-checking-service-role
30 | Updated context arn:aws:eks:ap-south-1:729524366783:cluster/eks-digital in /root/.kube/config
31 |
32 | [Container] 2020/07/30 18:16:25 Running command kubectl get nodes
33 | error: You must be logged in to the server (Unauthorized)
Thanks a lot for any suggestion.
Regards.
The text was updated successfully, but these errors were encountered:
Hi All,
I am trying to deploy to EKS from CodeBuild. It is using a service role "codebuild-checking-service-role". I have tried adding this service role in configmap aws-auth. I have tried adding it under mapRoles: section, as well as also tried with it uner mapUsers: section (following some sugestions). But in both case it is giving an error - You must be logged in to the server (Unauthorized)
Since it is creating a dynamic role binding , is it sufficient to add on service role arn i.e. for the caller identity it shows arn:aws:sts::11111111111:assumed-role/codebuild-checking-service-role/AWSCodeBuild-b8e28caf-28f5-4eec-bda5-a3ea4174da26 ; since it is dynamic value how will it work?
2020/07/30 18:16:18 Running command aws sts get-caller-identity --
20 | {
21 | "UserId": "AROA2TWYKNW7S2GT3EEBP:AWSCodeBuild-b8e28caf-28f5-4eec-bda5-a3ea4174da26",
22 | "Account": "11111111111",
23 | "Arn": "arn:aws:sts::11111111111:assumed-role/codebuild-checking-service-role/AWSCodeBuild-b8e28caf-28f5-4eec-bda5-a3ea4174da26"
24 | }
25 |
26 | [Container] 2020/07/30 18:16:24 Running command aws eks update-kubeconfig --name <---> --region <--->
27 | Added new context arn:aws:eks:ap-south-1:729524366783:cluster/eks-digital to /root/.kube/config
28 |
29 | [Container] 2020/07/30 18:16:24 Running command aws eks update-kubeconfig --name <---> --region <---> --role-arn arn:aws:iam::11111111111:role/service-role/codebuild-checking-service-role
30 | Updated context arn:aws:eks:ap-south-1:729524366783:cluster/eks-digital in /root/.kube/config
31 |
32 | [Container] 2020/07/30 18:16:25 Running command kubectl get nodes
33 | error: You must be logged in to the server (Unauthorized)
Thanks a lot for any suggestion.
Regards.
The text was updated successfully, but these errors were encountered: