1 Answer
- Newest
- Most votes
- Most comments
1
Hello,
You are facing the error because the trust-relationship of the new_dev
IAM role is not allowing the user 'xxxxx' to perform sts:AssumeRole
operation.
To fix this, you will have to update the trust-relationship of your new_dev
IAM role to allow sts:AssumeRole
for the IAM user 'xxxxx'.
Below is a sample trust-relationship policy that allows the user arn:aws:iam::111122223333:user/xxxxx
to perform assume-role operation on the IAM role that has the below trust-relationship.
For more info, please refer https://aws.amazon.com/blogs/security/how-to-use-trust-policies-with-iam-roles/
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::111122223333:user/xxxxx"
},
"Action": "sts:AssumeRole"
}
]
}
I hope this helps!
Relevant content
- Accepted Answerasked 2 years ago
- asked 5 years ago
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a month ago
Thanks. I receive this error when I try to update kube context aws eks update-kubeconfig --name .. --region .. --profile .... I tried generating the credential again and set the profile via aws configure, still no luck.
an error occurred (unrecognizedclientexception) when calling the describecluster operation: the security token included in the request is invalid