1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
According to the documentation for Amazon EKS connector IAM role, you will need to create an inline policy and the trust-relationship for the AmazonEKSConnectorAgentRole
as shown below.
Please verify if your AmazonEKSConnectorAgentRole
is configured as shown below.
IAM Policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "SsmControlChannel",
"Effect": "Allow",
"Action": [
"ssmmessages:CreateControlChannel"
],
"Resource": "arn:aws:eks:*:*:cluster/*"
},
{
"Sid": "ssmDataplaneOperations",
"Effect": "Allow",
"Action": [
"ssmmessages:CreateDataChannel",
"ssmmessages:OpenDataChannel",
"ssmmessages:OpenControlChannel"
],
"Resource": "*"
}
]
}
Trust Relationship:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "SSMAccess",
"Effect": "Allow",
"Principal": {
"Service": [
"ssm.amazonaws.com"
]
},
"Action": "sts:AssumeRole"
}
]
}
I have followed the documentation for Amazon EKS connector IAM role and I was able to register the cluster.
You can also create an issue in the AWS containers-roadmap project using this link - https://github.com/aws/containers-roadmap/issues/new/choose
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a un an
Thanks for your reply. The connector role and trust relationship were already created.
Should there be any error generated when the cluster cannot be registered? It seems odd that the register button just does nothing.