- Newest
- Most votes
- Most comments
Hello,
The issue you're facing with eksctl create iamserviceaccount seems to be related to the existing service account in the kube-system namespace. Eksctl by default excludes existing service accounts during creation.
Here's how you can reuse the existing AmazonEKSLoadBalancerControllerRole in another EKS cluster:
Override Existing Service Account:
Use the --override-existing-serviceaccounts
flag with eksctl create iamserviceaccount
to force creation even if a service account exists:
eksctl create iamserviceaccount --cluster=[new-cluster] --namespace=kube-system --name=aws-load-balancer-controller --attach-role-arn [arn of existing role] --override-existing-serviceaccounts
Verify IAM Service Account:
After running the command with the --override-existing-serviceaccounts
flag, check if the service account is created:
eksctl get iamserviceaccount --namespace kube-system --cluster=[new cluster]
This command should now display the aws-load-balancer-controller service account.
Referral Link: The documentation you linked (https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html)
Hi,
Was the cluster created with eksctl command? I tried the command you shared on a cluster and got the same response but my cluster was not created with eksctl command. I dont work much with eksctl so unsure if the cluster needs to created with eksctl also. But you can also check it in a different way. You can check for existence of service account in kube-system namespace.
Check for IAM role annotation in service account
kubectl get sa aws-load-balancer-controller -o yaml -n kube-system
Verify that this service account is mapped to the load balancer controller deployment ( if it deployed or when ever it would be deployed)
kubectl get deployments -o yaml -n kube-system aws-load-balancer-controller | grep serviceAccountName
Hope it helps
--Syd
Relevant content
- Accepted Answerasked a month ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 6 months ago