Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

cannot run kubectl commands in deployment scripts

0

I am trying to run kubectl commands through deployment scripts in codebuild. A build pipeline service role is created with appropriate permissions. However, while executing the kubectl commands, it gives permission denied error. What am I missing?

Topics
ContainersDeveloper Tools
Tags
AWS CodeBuildAmazon Elastic Kubernetes Service
Language
English
asked 3 years ago590 views
1 Answer
2
Accepted Answer

I understand that you are running kubectl command in your codebuild buildspec , so you need to make sure that your IAM service role used by your codebuild is added in aws-auth config map of eks cluster.

Let's say, your codebuld service arn is "arn:aws:iam::<account number>:role/service-role/codebuild-test-service-role", then role arn without path (ex. "arn:aws:iam::<account number>:role/codebuild-test-service-role") need to be added in aws-auth configmap of EKS Cluster.

To provide the access to IAM role in aws-auth configmap, you can refer AWS document, which will help to understand how aws-auth configmap can be updated.

Hope this helps.

AWS
SUPPORT ENGINEER
answered 3 years ago
EXPERT
reviewed 3 years ago
EXPERT
reviewed 3 years ago
EXPERT
reviewed 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content