K
Q

Kubectl get svc command throws Access Denied error

5/24/2019

Using AWS CLI and typing the command Kubectl get svc

throws the below error "An error occurred (AccessDenied) when calling the AssumeRole operation: Access denied"

Can anyone provide directions on what could be causing this error?

-- siv
amazon-web-services
kubernetes

Similar Questions

How to reduce docker pull time during CI build?
how to get container host machine ip address and container name in EKS
Is there any less hacky way of passing an Ordinal Index to StatefulSet environment variable?
Can't access services on master node via public IP (but I can SSH?)
using Pod environment variable to connect to pod
Deploy and Upgrade pods in Namespace
Rancher: kubernetes cluster stuck in pending. "No route to host"
Handle exposing ports on kubernetese in bare metal
Kubernetes pod can't communicate with other pods in the same node
No resources found: Letsencrypt certificate not creating in kubernetes

2 Answers

6/1/2019

The issue was EKS Cluster was created with a different IAM role compared to Kubectl. Upon resolving the access credentials, kubectl was able to connect to Control Plane API Servers.

-- siv
Source: StackOverflow
5/24/2019

you should check RBAC roles and role bindings. verify the account that you are using has access to list the objects from api server

this is how you can check

master $ kubectl auth can-i get svc
yes
master $

master $  kubectl auth can-i create pods --all-namespaces
yes
master $
-- P Ekambaram
Source: StackOverflow