AWS root user is not authorized to perform: eks:DescribeCluster

Question

I am following this video guide https://www.youtube.com/watch?v=DcnviAwmzM4&t=1092s According to the guide, I configured my aws-cli tool with the Secret Access Key ID and Secret Access Key of my root user. Anyway, when I issue the command

aws eks --region us-east-2 describe-cluster --name k8s-book --query cluster.status

I am getting the following error:

An error occurred (AccessDeniedException) when calling the DescribeCluster operation: User: arn:aws:iam::896622344185:user/publishing-service-dev is not authorized to perform: eks:DescribeCluster on resource: arn:aws:eks:us-east-2:896622344185:cluster/k8s-book

My understanding is that the root user must have unrestricted access. Also, I don't get why in the command output instead of "root" user "user/publishing-service-dev" is mentioned. I don't have such as IAM user created. Actually, I do not have any IAM users.

Answer 1

You are not configuring the credentials of your root user, you're using credentials for publishing-service-dev IAM user

Check which IAM policies have that user attached (or which groups that user belongs to and their policies)

As best practices, try not to use the root user at all