Hello,
I'm having some trouble authenticating to my cluster. I'm using Terraform Cloud and TF authenticates to my AWS account through OpenID Connect dynamic credentials.
When I apply my terraform and create the cluster, it seems like the cluster is getting created by a temporary user. Here's the log output for that:
time="2023-10-02T12:47:16Z" level=info msg="mapping IAM user" groups="[system:m*sters]" user="arn:aws:sts::xxxxxxxxxxxx:assumed-role/terraform-cloud/terraform-run-qv1pR6d3pzXBwxxx" username=kubernetes-admin
Then I'm trying to interact with the cluster:
$ aws eks update-kubeconfig --name test-cluster --region eu-west-1
Updated context arn:aws:eks:eu-west-1:xxxxxxxxxxxx:cluster/test-cluster in /home/user/.kube/config
and then
$ kubectl get pods
E1002 15:21:29.954692 244039 memcache.go:265] couldn't get current server API group list: the server has asked for the client to provide credentials
E1002 15:21:30.364086 244039 memcache.go:265] couldn't get current server API group list: the server has asked for the client to provide credentials
E1002 15:21:30.768898 244039 memcache.go:265] couldn't get current server API group list: the server has asked for the client to provide credentials
E1002 15:21:31.176616 244039 memcache.go:265] couldn't get current server API group list: the server has asked for the client to provide credentials
E1002 15:21:31.581822 244039 memcache.go:265] couldn't get current server API group list: the server has asked for the client to provide credentials
error: You must be logged in to the server (the server has asked for the client to provide credentials)
I tried to find a relevant document but I couldn't. Can you please help?
Thanks
AWS 官方已更新 1 年前