Skip to content
This repository has been archived by the owner on Apr 25, 2024. It is now read-only.

IAM permissions error when creating the LB for echo-service #557

Open
imjustdavid opened this issue Sep 11, 2018 · 1 comment
Open

IAM permissions error when creating the LB for echo-service #557

imjustdavid opened this issue Sep 11, 2018 · 1 comment

Comments

@imjustdavid
Copy link

When creating the echo-service on section 01-path-basics/103-kubernetes-concepts/Service/Create a Service I am getting the following IAM error:

  Normal   EnsuringLoadBalancer        1m (x12 over 31m)  service-controller  Ensuring load balancer
  Warning  CreatingLoadBalancerFailed  1m (x3 over 11m)   service-controller  (combined from similar events): Error creating load balancer (will retry): failed to ensure load balancer for service default/echo-service: AccessDenied: User: arn:aws:sts::400281910976:assumed-role/k8s-workshop-EksServiceRo-AWSServiceRoleForAmazonE-1FU4O6ZCNH1HJ/1536572109059663899 is not authorized to perform: iam:CreateServiceLinkedRole on resource: arn:aws:iam::400281910976:role/aws-service-role/elasticloadbalancing.amazonaws.com/AWSServiceRoleForElasticLoadBalancing
           status code: 403, request id: 602a0859-b5b7-11e8-a0a1-9d9c299aa0e1

Thanks,
David.
@paragao
Copy link

paragao commented Feb 7, 2019

Same issue here. I had to go to the IAM console and add an inline policy for the two permissions under the k8s-workshop-EksServiceRo-AWSServiceRoleForAmazonE-8030PKVYQK02:

{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ec2:DescribeInternetGateways",
"ec2:DescribeAccountAttributes"
],
"Resource": "*"
}
]
}

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@paragao @imjustdavid