Issue Assuming Role on EKS

Question

Closed this issue 2 years ago · 3 comments

When using service account annotations the pod can assume the role with a web identity. Running aws cli commands returns the correct role.

Issue

But when using the raws it will run the commands using the role on the node itself.

On the service account attached to the pod

metadata:
  annotations:
    eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT_ID:role/k8s-XXXX-role

The entrypoint runs a bash script that has the role assume itself & exports the creds to environment variables that raws can use.

Answer 1 · 2022-11-17T22:42:57.000Z

Hi @andrew-aiken does pr #559 help to resolve this issue?

Answer 2 · 2022-11-18T02:58:48.000Z

Looks like it does!
Thx

Answer 3 · 2022-12-01T14:14:40.000Z

@andrew-aiken just for update paws.common 0.5.2 has been released on the cran, resolving this issue :)