Trying to create new Kubernets IAM role to access S3 buckets but the Terrraform pipelines are failing on QA with below error - deleting ENIs using Security Group (sg-04bd67a9329f72a81): 12 errors occurred:
* waiting for Lambda ENI (eni-06e6de72b0f0cfc7a) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
* waiting for Lambda ENI (eni-01f5b2c851b6fd359) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
* waiting for Lambda ENI (eni-0d5288b4db445e266) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
* waiting for Lambda ENI (eni-0c235b95db77dab34) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
* waiting for Lambda ENI (eni-055a3647a93152fd3) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
* waiting for Lambda ENI (eni-0dfbefe9f9f722a17) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
* waiting for Lambda ENI (eni-04b3b4df41e2f5cfb) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
* waiting for Lambda ENI (eni-0d1ebd1e2932b2979) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
* waiting for Lambda ENI (eni-0a1e42c297bee52c9) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
* waiting for Lambda ENI (eni-098ec27c049a4b7e1) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
* waiting for Lambda ENI (eni-0fd9662d879422650) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
* waiting for Lambda ENI (eni-0505b67f70bd31191) to become available for detachment: timeout while waiting for state to become 'available' (last state: 'in-use', timeout: 45m0s)
Below is the Code:
module "cces_ote_kube_job_role" {
source = "git::ssh://git@git.nmlv.nml.com/infrastructure/terraform-module-kubernetes-iam-role//module?ref=v3.3.4"
role_name = "ote-s3-bucket-access"
cluster_id = var.kube_cluster_id
role_description = "Allows kubernets to access to S3 folders"
namespace = "cces"
trusted_entities = [
"arn:aws:iam::${var.kube_account_id}:root", #NWM-HUBNON - Important: This needs to use the Account ID of the Kubernetes Cluster, not the application team's account.
]
tags = module.required_tags.tags
attach_policy = true
iam_policy_json = <<EOF
{
"Statement": [
{
"Action": [
"ec2:DescribeVpcs",
"dynamodb:ListTables"
],
"Effect": "Allow",
"Resource": ["*"]
}
],
"Version": "2012-10-17"
}
EOF
}
AWS OFFICIALAktualisiert vor 4 Monaten