I am trying to deploy my application over EKS cluster using AWS codepipeline. I have already created a building job using the builspec.yml to push the docker image to ECR repo. Now I am trying to deploy the image to container over EKS cluster. I am following the below steps However facing below challenge:
1) - CREDENTIALS=$(aws sts assume-role --role-arn arn:aws:iam::7*********4:service-role/codebuild-CI-
Build-service-role --role-session-name codebuild-kubectl --duration-seconds 900)
- export AWS_ACCESS_KEY_ID="$(echo ${CREDENTIALS} | jq -r '.Credentials.AccessKeyId')"
- export AWS_SECRET_ACCESS_KEY="$(echo ${CREDENTIALS} | jq -r '.Credentials.SecretAccessKey')"
- export AWS_SESSION_TOKEN="$(echo ${CREDENTIALS} | jq -r '.Credentials.SessionToken')"
- export AWS_EXPIRATION="$(echo ${CREDENTIALS} | jq -r '.Credentials.Expiration')"Here in the above step, I am passing the AWS code build role.
2) aws eks update-kubeconfig --name $EKS_CLUSTER_NAME --region $AWS_DEFAULT_REGION
3) - ROLE=" - rolearn:arn:aws:iam::7********4:role/service-role/codebuild-CI-Build-service-role\n username:build\n groups:\n - system:masters"
- kubectl get -n kube-system configmap/aws-auth -o yaml | awk "/mapRoles:\|/{print;print \"$ROLE\";next}1" > /tmp/aws-auth-patch.yml
- kubectl describe configmap -n kube-system aws-authThis step is done to update the role in the AWS config auth.
However, I am getting the error:
error: You must be logged in to the server (Unauthorized)