K
Q

Pod is using node group role instead of service account in aws eks

11/18/2021

I am using a service account with a role assigned to it using OIDC. I opened shell in the pod and checked current role,

enter image description here

but my service is doing the same thing but it is using node role,

enter image description here

Versions of Java SDK

-- PSKP
amazon-eks
amazon-web-services
kubernetes

Similar Questions

How to catch SIGTERM in a pod with Minikube
Pod status as `CreateContainerConfigError` in Minikube cluster
How can I increase the size of master node on google kubernetes engine?
Kubernetes: Network policy - deny all with allow all
kubernetes: cannot access service on VirtualBox cluster via ClusterIP / NodePort

1 Answer

11/19/2021

The containers in your pods must use an AWS SDK version that supports assuming an IAM role via an OIDC web identity token file.

Check if you meet the minimum requirement for boto3 is 1.9.220, for botocore is 1.12.200.

-- gohm'c
Source: StackOverflow