The Issue
Once you’ve deployed an EKS cluster, and try to view this in the AWS Console, you are presenting the following message:
Your current user or role does not have access to Kubernetes objects on this EKS Cluster
The Cause
This is because you need to run some additional configuration on your cluster to allow your AWS user IAM to access the cluster.
- AWS EKS Docs – Enabling IAM user and role access to your cluster
The Fix
Grab your User ARN from the Identity and Access Management (IAM) page.
Download this template YAML file for configuring the necessary ClusterRole and ClusterRoleBinding and then apply it to your EKS cluster.
curl -o eks-console-full-access.yaml https://amazon-eks.s3.us-west-2.amazonaws.com/docs/eks-console-full-access.yaml kubectl apply -f eks-console-full-access.yaml
Now edit the following configmap:
kubectl edit configmap/aws-auth -n kube-system
Add in the following under the data tree:
mapUsers: | - userarn: arn:aws:iam::3xxxxxxx7:user/[email protected] username: admin groups: - system:masters
After a minute or so, once you revisit the EKS Cluster page in the AWS console, you will see all the relevant details.
Regards