Serviceaccount is forbidden #360
-
Hello, I'm using the module "eks_blueprints_addons" {
source = "aws-ia/eks-blueprints-addons/aws"
version = "~> 1.0"
cluster_name = module.eks.cluster_name
cluster_endpoint = module.eks.cluster_endpoint
cluster_version = module.eks.cluster_version
oidc_provider_arn = module.eks.oidc_provider_arn
enable_metrics_server = true
metrics_server = {
chart_version = "3.12.0"
values = [templatefile("${path.module}/environments/common/metrics-server/values.yaml", {})]
}
tags = var.tags
} This the error I get:
I'm using the same user to run eks creation and addon and I made sure enable_cluster_creator_admin_permissions is set to true so the creator should have full access to the cluster. My cluster version is 1.29. I have also tried creating a new namespace or using the default namespace and it's the same issue. Any help would be greatly appreciated. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
I figured out the issue. I had to define the provider helm and ensure it was pointing to the correct cluster. provider "helm" {
kubernetes {
host = module.eks.cluster_endpoint
cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
exec {
api_version = "client.authentication.k8s.io/v1beta1"
command = "aws"
# This requires the awscli to be installed locally where Terraform is executed
args = ["eks", "get-token", "--cluster-name", module.eks.cluster_name, "--region", var.region]
}
}
} |
Beta Was this translation helpful? Give feedback.
I figured out the issue. I had to define the provider helm and ensure it was pointing to the correct cluster.