- 最新
- 投票最多
- 评论最多
You need add the eks-fargate-pods.amazonaws.com Service Principal," typically occurs during the creation of an AWS EKS Fargate profile when the trust relationship for the PodExecutionRole is not correctly set up to allow the eks-fargate-pods.amazonaws.com service principal.
Please find the steps by step instruction as mention in below
Step 1: Go to the IAM console in AWS. Locate the PodExecutionRole you are using for your EKS Fargate profile. Check the trust relationships of this role. It should have a trust relationship with the eks-fargate-pods.amazonaws.com service principal. Step 2:Update the Trust Relationship:
Step 3: If the eks-fargate-pods.amazonaws.com service principal is not listed, you will need to add it.
Edit the trust relationship to include the following policy:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "eks-fargate-pods.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }
相关内容
AWS 官方已更新 7 个月前- AWS 官方已更新 3 个月前
- AWS 官方已更新 2 年前
- AWS 官方已更新 3 年前
I have added this trust policy, but still seeing this issue. It only fails using EKSCTL cli command (eksctl create fargateprofile -f common-fargate.yaml) but successful through AWS console. My yaml syntax as follows:
apiVersion: eksctl.io/v1alpha5 kind: ClusterConfig metadata: name: <eks-cluster-name> region: us-east-1 fargateProfiles: