Kubectl get svc command throws Access Denied error

5/24/2019

Using AWS CLI and typing the command Kubectl get svc

throws the below error "An error occurred (AccessDenied) when calling the AssumeRole operation: Access denied"

Can anyone provide directions on what could be causing this error?

-- siv
amazon-web-services
kubernetes

2 Answers

6/1/2019

The issue was EKS Cluster was created with a different IAM role compared to Kubectl. Upon resolving the access credentials, kubectl was able to connect to Control Plane API Servers.

-- siv
Source: StackOverflow

5/24/2019

you should check RBAC roles and role bindings. verify the account that you are using has access to list the objects from api server

this is how you can check

master $ kubectl auth can-i get svc
yes
master $

master $  kubectl auth can-i create pods --all-namespaces
yes
master $
-- P Ekambaram
Source: StackOverflow