EKS Auto Mode - add access entry for auto mode node role
erezzarum opened this issue · 14 comments
erezzarum commented
Description
- ✋ I have searched the open/closed issues and my issue is not listed.
When using built-in nodepools, EKS will automatically create the appropriate access entry for the Node role.
When not using any built-in nodepools, one will not be created and the NodeClass will fail, as the Node role is not authorized to join nodes to the cluster.
⚠️ Note
Before you submit an issue, please perform the following first:
- Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
- Re-initialize the project root to pull down modules: terraform init
- Re-attempt your terraform plan or apply and check if the issue still persists
Versions
- Module version [Required]: 20.31.3
- Terraform version: 1.7.3
- Provider version(s): 5.81
Reproduction Code [Required]
Steps to reproduce the behavior:
Create an EKS Auto Mode cluster without using any built-in nodepools.
Expected behavior
EKS module will create the correct access entries.
Example with CLI
aws eks create-access-entry --cluster-name <CLUSTER NAME> --principal-arn <NODE ROLE ARN> --type EC2
aws eks associate-access-policy --cluster-name <CLUSTER NAME> --principal-arn <NODE ROLE ARN> --access-scope type=cluster --policy-arn arn:aws:eks::aws:cluster-access-policy/AmazonEKSAutoNodePolicy
Actual behavior
Create access entries for node role.
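The two CLI calls from the issue, written as standalone Terraform resources. This is an added example, not part of the original issue and not the module's own code; the variable and resource names are hypothetical, and it assumes the AWS provider version in use accepts the `EC2` access entry type.

```hcl
# Added example: variable and resource names are hypothetical.
variable "cluster_name" {
  type        = string
  description = "Name of the existing EKS Auto Mode cluster"
}

variable "node_role_arn" {
  type        = string
  description = "ARN of the IAM role referenced by the custom NodeClass"
}

# Equivalent of: aws eks create-access-entry ... --type EC2
# Assumption: the provider version in use accepts type = "EC2".
resource "aws_eks_access_entry" "auto_mode_node" {
  cluster_name  = var.cluster_name
  principal_arn = var.node_role_arn
  type          = "EC2"
}

# Equivalent of: aws eks associate-access-policy ... --access-scope type=cluster
# Referencing the access entry's principal_arn makes Terraform create the
# entry before it attaches the policy.
resource "aws_eks_access_policy_association" "auto_mode_node" {
  cluster_name  = var.cluster_name
  principal_arn = aws_eks_access_entry.auto_mode_node.principal_arn
  policy_arn    = "arn:aws:eks::aws:cluster-access-policy/AmazonEKSAutoNodePolicy"

  access_scope {
    type = "cluster"
  }
}
```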