Greetings,
We have been trying to integrate aws ex with a third party solution (prisma cloud compute protection) for a long time.
It is properly up and running EKS, however when we follow the integration steps
https://docs.paloaltonetworks.com/prisma/prisma-cloud/30/prisma-cloud-compute-edition-admin/install/deploy-console/console-on-kubernetes
on step 3: $ kubectl create -f twistlock_console.yaml
we constantly get this error that we don't understand and can't solve:
-
[ec2-user@ip-172-31-92-218 prisma_cloud]$ kubectl create -f twistlock_console.yaml
The connection to the server localhost:8080 was refused - did you specify the right host or port?
-
[ec2-user@ip-172-31-92-218 prisma_cloud]$ aws ex update-kubeconfig \
--region us-east-1
--name ex-cluster
--role-arn arn:aws:iam::269721186581:role/eks-cluster-polisa-new
Added new context arn:aws:eks:us-east-1:269721186581:cluster/eks-cluster to /home/ec2-user/.kube/config
- The error we get when we repeat the command
kubectl create -f twistlock_console.yaml
An error occurred (AccessDenied) when calling the AssumeRole operation: User: arn:aws:sts::269721186581:assumed-role/eks-worker-node-policy/i-03026de103a4602e7 is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::269721186581:role/eks-cluster-polisa-new
Unable to connect to the server: getting credentials: exec: executable aws failed with exit code 254
[ec2-user@ip-172-31-92-218 prisma_cloud]$
Please, help us, what to look to solve this problem.
Thank you in advance