AWS EKS - IAM Role and Policy Error - MountVolume.SetUp failed for volume "aws-iam-token" : failed to fetch token

11/21/2019

When I'm trying to implement this: https://docs.aws.amazon.com/en_pv/eks/latest/userguide/create-service-account-iam-policy-and-role.html

I got it to work (in my case using aws-sdk.gem without key and secret) and refresh the token but when I'm trying to re-deploy my custom helm chart (and replace all my pods) I'm getting

Unable to mount volumes for pod "****": timeout expired waiting for volumes to attach or mount for pod "****"/"****". list of unmounted volumes=[aws-iam-token iam-service-account-token-khv6m]. list of unattached volumes=[aws-iam-token iam-service-account-token-****]
Warning  FailedMount  1m (x9 over 3m)  kubelet, **** MountVolume.SetUp failed for volume "iam-service-account-token-****" : secrets "iam-service-account-token-****" not found
Warning  FailedMount  1m (x9 over 3m)  kubelet,**** MountVolume.SetUp failed for volume "aws-iam-token" : 
failed to fetch token:
serviceaccounts "iam-service-account" not found

anyone know what can I do?

-- Oran Kaplan
amazon-eks
amazon-iam
amazon-web-services
kubernetes-helm

0 Answers