- Newest
- Most votes
- Most comments
To connect to your EKS cluster using Lens after creating it with EKS Blueprints, you need to ensure that the IAM permissions are correctly set up. The error you're encountering suggests that there's an issue with the IAM role permissions. Here's how you can resolve this and connect using Lens:
-
First, make sure that the IAM user or role you're using with Lens has the necessary permissions to assume the EKS cluster role. You may need to add an inline policy to your IAM user or role that allows the sts:AssumeRole action on the specific role ARN used for the EKS cluster.
-
Check the trust relationship of the EKS cluster role. Ensure that it allows your IAM user or role to assume it. The trust policy should include a statement that allows your IAM entity to perform the "sts:AssumeRole" action.
-
In Lens, when adding the cluster, use the AWS credential provider option. You can either use the default AWS CLI credentials or specify a custom AWS profile that has the necessary permissions.
-
If you're using a custom AWS profile in Lens, make sure it's configured correctly in your AWS credentials file (~/.aws/credentials on Linux/macOS or %UserProfile%.aws\credentials on Windows).
-
When adding the cluster in Lens, you may need to specify the cluster name, region, and the role ARN, similar to how you did with the AWS CLI command.
If you've confirmed all these steps and are still encountering issues, you may need to review the specific IAM policies attached to your user/role and the EKS cluster role to ensure they have the necessary permissions for EKS operations.
Remember that Lens needs to be able to assume the same role that you're using successfully with the AWS CLI. If the CLI works but Lens doesn't, it's likely a configuration issue within Lens or a difference in how the credentials are being used between the two tools.
Sources
Can't connect to the EKS cluster | AWS re:Post
Create an Amazon EKS cluster - Amazon EKS
Relevant content
- asked 2 years ago
- asked 3 months ago
- asked 3 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 years ago
- How do I provide cluster access to other IAM users and roles after I create a cluster in Amazon EKS?AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 4 months ago