Pyae Phyoe Shein
Pyae Phyoe Shein

Reputation: 13837

How to create AWS IAM role with ServiceAccount and attach to Kubernetes DaemonSet

I found that documentation that we can add AWS IAM role to kubernetes serviceaccount and attach to Pods. And what I'm supposed to do is I want to attach that service account to DaemonSet instead of Pods level permission. But I configured same as that documentation and attached to DaemonSet but I've encountered following error message after that:

Aws::STS::Errors::AccessDenied error="Not authorized to perform sts:AssumeRoleWithWebIdentity

Is that meant those type of serviceaccount with IAM role cannot be attached to DaemonSet?

Upvotes: 1

Views: 359

Answers (1)

Jakub
Jakub

Reputation: 8840

Is that meant those type of serviceaccount with IAM role cannot be attached to DaemonSet?

No,there shouldn't be any issues with that. I checked here and there is an example with service account in a deployment.


As @PPShein mentioned in comments the issue occurs because he forgot to add the openid_url.

Please refer to this and this documentation.

Upvotes: 1

Related Questions