Can you check and make sure that one of those IAM roles defined in the EFS policy is set as default in your Fargate instances? Refer to the below on how credentials configuration affects the default IAM role the instance takes when talking to the STS service.
Refer: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
You can also get the IAM role your instances are using by default by running the command "aws sts get-caller-identity".
When I run
aws sts get-caller-identity
from my laptop I get my account. I cannot run this command from any Fargate instance because they are serverless. So how do I find out the default IAM role that is used by Fargate? I have an EC2 instance I use for development and when I run that same command I get "Arn": "arn:aws:sts::<account-id>:assumed-role/CustomEC2Agent/i-<somenumber>"
After removing the file system policy and starting my Fargate container, then looking through CloudTrail, I noticed that the connection to the EFS from the container came through as an anonymous principal.
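The check suggested in the answer, comparing the ARN that `aws sts get-caller-identity` reports against the principals in the EFS file system policy, as an added example that is not code from any poster in this thread. The account ID, the role name `ExampleTaskRole` and the sample policy are constructed placeholders, the function names are hypothetical, and the matching is a simplified name comparison (Condition blocks and Deny statements are not evaluated).

```python
import json

# Constructed sample policy; the account ID and role name are placeholders.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow",
   "Principal": {"AWS": ["arn:aws:iam::111122223333:role/app/ExampleTaskRole"]},
   "Action": ["elasticfilesystem:ClientMount", "elasticfilesystem:ClientWrite"]}
]}
""")

def assumed_role(caller_arn):
    """Return (account, role_name) for an STS assumed-role ARN, else None."""
    parts = caller_arn.split(":", 5)
    if len(parts) != 6 or parts[2] != "sts":
        return None
    segs = parts[5].split("/")
    if len(segs) != 3 or segs[0] != "assumed-role":
        return None
    return parts[4], segs[1]

def allowed_principals(policy):
    """Collect Principal values from the policy's Allow statements."""
    stmts = policy.get("Statement", [])
    found = []
    for s in [stmts] if isinstance(stmts, dict) else stmts:
        if s.get("Effect") != "Allow":
            continue
        p = s.get("Principal")
        aws = p.get("AWS", []) if isinstance(p, dict) else p
        found.extend([aws] if isinstance(aws, str) else aws or [])
    return found

def caller_is_listed(caller_arn, policy):
    """caller_arn=None models the anonymous principal seen in CloudTrail."""
    ident = assumed_role(caller_arn) if caller_arn else None
    for p in allowed_principals(policy):
        if p == "*":
            return True  # wildcard; Condition blocks are not evaluated here
        parts = p.split(":", 5)
        if ident and len(parts) == 6 and parts[2] == "iam" and parts[4] == ident[0]:
            # The STS ARN drops the role path, so compare the last segment only.
            if parts[5].startswith("role/") and parts[5].rsplit("/", 1)[1] == ident[1]:
                return True
    return False
```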