By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

kuberntes service role not able to access secret manager. User: arn:aws:sts::accountno:assumed-role/iam-role/aws-sdk-java-*** is not authorised to perform:secretmanager:GetSecretValue on resource

0

we have created a iam role and attach policy to it and annotate with service account, but we are getting above error when our java application is trying to access secret from secret manager. We have GetSecretValue policy attach to iam role that point to ARN of secret that we want to access.

Could anyone please suggest on how can we fix this?

Topics
Security, Identity, & ComplianceContainersManagement & GovernanceJava Development
Tags
AWS Identity and Access ManagementAmazon Elastic Kubernetes ServiceAWS Trusted AdvisorIAM PoliciesJava Development
Language
English
rePost-User-5011923
asked a year ago289 views
1 Answer
0

Review some of the possible reasons for secret access highlighted under article https://repost.aws/knowledge-center/secrets-manager-cross-account-key

AWS
Abhishek Mittal
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content