You should not create the cluster with root account. Instead create a user or if you want to install EKS with aws cli create IAM role for the EC2 instance that you are going to run aws cli commands or cloudformation template.
This could be because the cluster was created with one set of AWS credentials (from an IAM user or role), and kubectl is using a different set of credentials.
Permannent Solution:
When an Amazon EKS cluster is created, the IAM entity (user or role) that creates the cluster is added to the Kubernetes RBAC authorization table as the administrator (with system:masters permissions). Initially, only that IAM user can make calls to the Kubernetes API server using kubectl .
If you use the console to create the cluster, you must ensure that the same IAM user credentials are in the AWS SDK credential chain when you are running kubectl commands on your cluster.
Quick Fix
- Generate Access Key ID of root user
- Generate Secret Access Key ID of root user
- Edit AWS credentials file
$ vi .aws/credentials
$ aws eks update-kubeconfig --region ap-south-1 --name my-cluster
$ kubectl get svc
Code language: JavaScript (javascript)How to add More IAM Users to RBAC?
Login AWS CLI using a IAM user using which you created a clustor and Add New IAM user. To map an IAM user to a Kubernetes RBAC, pleae follow below steps
When you create an Amazon EKS cluster, the IAM entity user or role, such as a federated user that creates the cluster, is automatically granted system:masters permissions in the cluster’s RBAC configuration in the control plane.
This IAM entity does not appear in the ConfigMap, or any other visible configuration, so make sure to keep track of which IAM entity originally created the cluster. To grant additional AWS users or roles the ability to interact with your cluster, you must edit the aws-auth ConfigMap within Kubernetes.
Follow a steps
- https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html
- https://faun.pub/add-new-user-to-manage-aws-eks-e487c5d10ee3
I’m a DevOps/SRE/DevSecOps/Cloud Expert passionate about sharing knowledge and experiences. I have worked at Cotocus. I share tech blog at DevOps School, travel stories at Holiday Landmark, stock market tips at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at TrueReviewNow , and SEO strategies at Wizbrand.
Do you want to learn Quantum Computing?
Please find my social handles as below;
Rajesh Kumar Personal Website
Rajesh Kumar at YOUTUBE
Rajesh Kumar at INSTAGRAM
Rajesh Kumar at X
Rajesh Kumar at FACEBOOK
Rajesh Kumar at LINKEDIN
Rajesh Kumar at WIZBRAND
Find Trusted Cardiac Hospitals
Compare heart hospitals by city and services — all in one place.
Explore Hospitals