Tag Archives: Console

AWS EKS Header

Quick Fix – AWS Console – Current user or role does not have access to Kubernetes objects on this EKS Cluster

Kubernetes, , ,
The Issue

Once you’ve deployed an EKS cluster, and try to view this in the AWS Console, you are presenting the following message:

Your current user or role does not have access to Kubernetes objects on this EKS Cluster

AWS Console - Container Services - Current user or role does not have access to Kubernetes objects on this EKS Cluster

The Cause

This is because you need to run some additional configuration on your cluster to allow your AWS user IAM to access the cluster.

The Fix

Grab your User ARN from the Identity and Access Management (IAM) page.

aws console - user IAM

Download this template YAML file for configuring the necessary ClusterRole and ClusterRoleBinding and then apply it to your EKS cluster.

curl -o eks-console-full-access.yaml https://amazon-eks.s3.us-west-2.amazonaws.com/docs/eks-console-full-access.yaml

kubectl apply -f eks-console-full-access.yaml

apply eks console full access configmap

Now edit the following configmap:

kubectl edit configmap/aws-auth -n kube-system

Add in the following under the data tree:

mapUsers: |
  - userarn: arn:aws:iam::3xxxxxxx7:user/[email protected]
    username: admin
    groups:
      - system:masters

apply eks console full access - edit configmap

After a minute or so, once you revisit the EKS Cluster page in the AWS console, you will see all the relevant details.

AWS Console - Container Services - EKS cluster view

Regards

Dean Lewis

Using Command Prompt to log off terminal / Remote User – #vDM30in30

General, , , , , , , , , , , ,

A quick post. I had an issue the other day where I had to remotely administer a server on another site. When I logged in I was greeted by a white screen.

I needed to boot off this account and then log back in as the same user. Unfortunately this was the only administrator account available.

So I logged as a power user, opened up a command prompt by holding down “Shift” + Right Click to display the “Run as different user” option.

I then used the following options to view the logged in users and their session ID’s and used that information to log off the troublesome account.

SET PATH = %PATH%;C:WindowsSystem32DLLCache;
quser /Server:Localhost

This allows you to query the user  sessions on the local server or a remote device.

C:\>quser /?
Display information about users logged on to the system.

QUERY USER [username | sessionname | sessionid] [/SERVER:servername]

  username            Identifies the username.
  sessionname         Identifies the session named sessionname.
  sessionid           Identifies the session with ID sessionid.
  /SERVER:servername  The server to be queried (default is current).

From here, I take the Session ID and execute the “logoff” command pointing to the localhost.

logoff /Server:localhost 6 /v

Below are the options available with this command, the 6 represents the sessionID, and /v outputs the details to the console

C:\d.lewis>logoff /?
Terminates a session.

LOGOFF [sessionname | sessionid] [/SERVER:servername] [/V] [/VM]

  sessionname         The name of the session.
  sessionid           The ID of the session.
  /SERVER:servername  Specifies the Remote Desktop server containing the user
                      session to log off (default is current).
  /V                  Displays information about the actions performed.
  /VM                 Logs off a session on server or within virtual machine. The unique ID of the session needs to be specified.

Finally hears a screenshot of my console window.

command line log off user.JP

Regards

Dean