By using AWS re:Post, you agree to the Terms of Use
AWS re:Postre:Post
/EKS Anywhere\Connector - Register New Cluster Button Does Not React/

EKS Anywhere\Connector - Register New Cluster Button Does Not React

0

I've been able to create a local EKS Anywhere cluster in vCenter. I'd like to register it with EKS (using the webUI) but when I complete the form the 'Register' button doesn't react at all. There are no indications of missing fields, no error, and the button is not 'greyed out' it just doesn't react at all when clicked. We have created the AmazonEKSConnectorAgentRole role as defined in the prereqs and I have the required permissions. eks:RegisterCluster ssm:CreateActivation ssm:DeleteActivation iam:PassRole

Topics
Containers
Tags
Amazon Elastic Kubernetes Service
thomaseldredge
asked 7 months ago37 views
1 Answer
0

According to the documentation for Amazon EKS connector IAM role, you will need to create an inline policy and the trust-relationship for the AmazonEKSConnectorAgentRole as shown below.

Please verify if your AmazonEKSConnectorAgentRole is configured as shown below.

IAM Policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "SsmControlChannel",
            "Effect": "Allow",
            "Action": [
                "ssmmessages:CreateControlChannel"
            ],
            "Resource": "arn:aws:eks:*:*:cluster/*"
        },
        {
            "Sid": "ssmDataplaneOperations",
            "Effect": "Allow",
            "Action": [
                "ssmmessages:CreateDataChannel",
                "ssmmessages:OpenDataChannel",
                "ssmmessages:OpenControlChannel"
            ],
            "Resource": "*"
        }
    ]
}

Trust Relationship:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "SSMAccess",
            "Effect": "Allow",
            "Principal": {
                "Service": [
                    "ssm.amazonaws.com"
                ]
            },
            "Action": "sts:AssumeRole"
        }
    ]
}

I have followed the documentation for Amazon EKS connector IAM role and I was able to register the cluster.

You can also create an issue in the AWS containers-roadmap project using this link - https://github.com/aws/containers-roadmap/issues/new/choose

profile picture
SUPPORT ENGINEER
Venkat Penmetsa
answered 7 months ago
  • thomaseldredge 7 months ago

    Thanks for your reply. The connector role and trust relationship were already created.

    Should there be any error generated when the cluster cannot be registered? It seems odd that the register button just does nothing.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant questions