En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

cannot run kubectl commands in deployment scripts

0

I am trying to run kubectl commands through deployment scripts in codebuild. A build pipeline service role is created with appropriate permissions. However, while executing the kubectl commands, it gives permission denied error. What am I missing?

Sujets
Outils de développementConteneurs
Balises
AWS CodeBuildService Amazon Elastic Kubernetes
Langue
English
cloud-tech
demandé il y a 10 mois321 vues
1 réponse
2
Réponse acceptée

I understand that you are running kubectl command in your codebuild buildspec , so you need to make sure that your IAM service role used by your codebuild is added in aws-auth config map of eks cluster.

Let's say, your codebuld service arn is "arn:aws:iam::<account number>:role/service-role/codebuild-test-service-role", then role arn without path (ex. "arn:aws:iam::<account number>:role/codebuild-test-service-role") need to be added in aws-auth configmap of EKS Cluster.

To provide the access to IAM role in aws-auth configmap, you can refer AWS document, which will help to understand how aws-auth configmap can be updated.

Hope this helps.

AWS
INGÉNIEUR EN ASSISTANCE TECHNIQUE
Deepankar_T
répondu il y a 10 mois
profile picture
EXPERT
Sedat Salman
vérifié il y a 10 mois
profile picture
EXPERT
Riku_Kobayashi
vérifié il y a 10 mois
profile picture
EXPERT
Hiroki Takahashi
vérifié il y a 10 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents