AccessDenied when creating ebs-csi-driver

2

Hi, I'm having a problem installing ebs-csi-driver for AWS EKS. I used an account with AdministratorAccess to install it via the AWS console but got this error:

namespaces "kube-system" is forbidden: User "eks:addon-manager" cannot patch resource "namespaces" in API group "" in the namespace "kube-system"

I don't know why the administrator permission cannot install the add-on. I also tried to create an IAM role following https://docs.aws.amazon.com/eks/latest/userguide/csi-iam-role.html but received this error:

Error from server (NotFound): serviceaccounts "ebs-csi-controller-sa" not found

I just started with EKS so I don't know how to resolve this. Can anyone help?

Thank you

Cuong
Asked a year ago · 2823 views
2 Answers
2

Hello,

Kindly note that the error below can happen because an important ClusterRoleBinding does not exist:

"eks:addon-manager" cannot patch resource "namespaces" in API group "" in the namespace "kube-system"

Execute the following command and check whether you can see the 2 ClusterRoleBindings in your EKS cluster:

kubectl get clusterrolebinding -o wide | grep addon

eks:addon-cluster-admin                                ClusterRole/cluster-admin                                          3d21h   eks:addon-manager                                                                  
eks:addon-manager                                      ClusterRole/eks:addon-manager                                      3d21h   eks:addon-manager 

If the eks:addon-cluster-admin is missing, you can use the following yaml to create it:

---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: eks:addon-cluster-admin
subjects:
- kind: User
  name: eks:addon-manager
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
---

Therefore, you can apply this yaml file to your EKS Cluster:

kubectl apply -f eks-addon-cluster-admin.yaml

The eks:addon-cluster-admin ClusterRoleBinding binds the cluster-admin ClusterRole to the eks:addon-manager Kubernetes identity. The role has the necessary permissions for the eks:addon-manager identity to create Kubernetes namespaces and install add-ons into namespaces. If the eks:addon-cluster-admin ClusterRoleBinding is removed, the Amazon EKS cluster continues to function; however, Amazon EKS is no longer able to manage any add-ons. [1]

[1] - https://docs.aws.amazon.com/eks/latest/userguide/eks-add-ons.html

AWS
Answered a year ago
  • Exact solution that fixed my cluster, thank you so much

  • Yes, I was missing eks:addon-cluster-admin. Thank you
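
The check described in the answer above, as an added example that is not part of the original answer or of AWS's own tooling: a POSIX shell function that audits both ClusterRoleBindings for the expected role and for the `eks:addon-manager` user as a subject. The function names, the `custom-columns` layout and the sample listing are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the two ClusterRoleBindings that EKS add-on management relies on.

# Live listing (needs kubectl and cluster access). One row per binding:
# name, roleRef kind, roleRef name, subject kinds, subject names (comma-joined).
list_bindings() {
  kubectl get clusterrolebinding --no-headers -o \
    'custom-columns=N:.metadata.name,RK:.roleRef.kind,R:.roleRef.name,SK:.subjects[*].kind,S:.subjects[*].name'
}

# Constructed sample (not real cluster output): eks:addon-cluster-admin is absent,
# which is the state confirmed in the comments on the answer.
sample_listing() {
  cat <<'EOF'
cluster-admin       ClusterRole   cluster-admin       Group   system:masters
eks:addon-manager   ClusterRole   eks:addon-manager   User    eks:addon-manager
EOF
}

# Reads a listing on stdin, prints one finding per line, returns 1 on any finding.
audit_addon_bindings() {
  awk '
    BEGIN {
      name[1] = "eks:addon-cluster-admin"; want[name[1]] = "ClusterRole/cluster-admin"
      name[2] = "eks:addon-manager";       want[name[2]] = "ClusterRole/eks:addon-manager"
      bad = 0
    }
    ($1 in want) {
      seen[$1] = 1
      if (($2 "/" $3) != want[$1]) { print "WRONG_ROLE " $1 " " $2 "/" $3; bad = 1 }
      # The binding must name the Kubernetes user eks:addon-manager as a subject.
      n = split($4, kind, ","); split($5, subj, ","); ok = 0
      for (i = 1; i <= n; i++) if (kind[i] == "User" && subj[i] == "eks:addon-manager") ok = 1
      if (!ok) { print "WRONG_SUBJECT " $1 " " $4 ":" $5; bad = 1 }
    }
    END {
      for (i = 1; i <= 2; i++) if (!(name[i] in seen)) { print "MISSING " name[i]; bad = 1 }
      exit bad
    }'
}

# Demo on the constructed sample; against a cluster use: list_bindings | audit_addon_bindings
sample_listing | audit_addon_bindings || true
```

After re-creating a missing binding, `kubectl auth can-i patch namespaces --as eks:addon-manager` gives a direct yes/no on the permission named in the error.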

0

How did you create the EKS cluster? Via the Console?

Answered a year ago
  • No, from the CLI. Is it different?
