[Bug] panic: arn: invalid prefix while running migrate-to-access-entry

[AdamDomagalsky]

What were you trying to accomplish?

Trying to Migrate IAM identity mappings to access entries

What happened?

Getting panic: arn: invalid prefix

How to reproduce it?

Run eksctl utils migrate-to-access-entry --cluster cluster-name -v 4

Logs

2024-09-24 22:17:21 [▶]  Setting credentials expiry window to 30 minutes
2024-09-24 22:17:22 [▶]  role ARN for the current session is "arn:aws:sts::012345678910:assumed-role/role-xxx/env-name"
2024-09-24 22:17:23 [▶]  cluster = &types.Cluster{AccessConfig:(*types.AccessConfigResponse)(0x14000b31720), Arn:(*string)(0x1400064a0f0), CertificateAuthority:(*types.Certificate)(0x1400064a100), ClientRequestToken:(*string)(nil), ConnectorConfig:(*types.ConnectorConfigResponse)(nil), CreatedAt:time.Date(2021, time.March, 22, 6, 21, 22, 95000000, time.UTC), EncryptionConfig:[]types.EncryptionConfig(nil), Endpoint:(*string)(0x1400064a120), Health:(*types.ClusterHealth)(0x14000b31700), Id:(*string)(nil), Identity:(*types.Identity)(0x1400064a3b0), KubernetesNetworkConfig:(*types.KubernetesNetworkConfigResponse)(0x140008c9b60), Logging:(*types.Logging)(0x14000b316c0), Name:(*string)(0x1400064a0d0), OutpostConfig:(*types.OutpostConfigResponse)(nil), PlatformVersion:(*string)(0x1400064a440), ResourcesVpcConfig:(*types.VpcConfigResponse)(0x14000245030), RoleArn:(*string)(0x1400064a340), Status:"ACTIVE", Tags:map[string]string{"alpha.eksctl.io/cluster-oidc-enabled":"true", "env":"cluster-name", "managed_by":"eksctl"}, UpgradePolicy:(*types.UpgradePolicyResponse)(0x140006a89a8), Version:(*string)(0x1400064a390), noSmithyDocumentSerde:document.NoSerde{}}
2024-09-24 22:17:23 [ℹ]  current cluster authentication mode is API_AND_CONFIG_MAP; target cluster authentication mode is API_AND_CONFIG_MAP
2024-09-24 22:17:26 [▶]  aws-auth = {
    "metadata": {
        "name": "aws-auth",
        "namespace": "kube-system",
        "uid": "<uuid>",
        "resourceVersion": "2137",
        "creationTimestamp": "2021-03-22T06:38:55Z",
        "managedFields": [
            {
                "manager": "kubectl-edit",
                "operation": "Update",
                "apiVersion": "v1",
                "time": "2024-09-20T10:27:12Z",
                "fieldsType": "FieldsV1",
                "fieldsV1": {
                    "f:data": {
                        "f:mapUsers": {}
                    }
                }
            },
            {
                "manager": "eksctl",
                "operation": "Update",
                "apiVersion": "v1",
                "time": "2024-09-24T11:59:14Z",
                "fieldsType": "FieldsV1",
                "fieldsV1": {
                    "f:data": {
                        ".": {},
                        "f:mapRoles": {}
                    }
                }
            }
        ]
    },
    "data": {
        "mapRoles": "- groups:\n  - system:masters\n  username: user-1\n- groups:\n  - system:masters\n  rolearn: arn:aws:iam::012345678910:role/role-xxx\n  username: admin\n- groups:\n  - system:bootstrappers\n  - system:nodes\n  rolearn: arn:aws:iam::012345678910:role/eksctl-cluster-name-nodegr-nodeinstancerole-v1234\n  username: system:node:{{ec2privatednsname}}\n- groups:\n  - system:bootstrappers\n  - system:nodes\n  rolearn: arn:aws:iam::012345678910:role/eksctl-cluster-name-nodegr-NodeInstanceRole-v4321\n  username: system:node:{{EC2PrivateDNSName}}\n- groups:\n  - system:masters\n  rolearn: arn:aws:iam::012345678910:role/user-1-pod-identity\n  username: user-1-pod-identity\n",
        "mapUsers": "- groups:\n  - system:masters\n  userarn: arn:aws:iam::012345678910:user/cluster-name-access-user\n  username: admin\n"
    }
}

panic: arn: invalid prefix

goroutine 1 [running]:
github.com/weaveworks/eksctl/pkg/apis/eksctl.io/v1alpha5.MustParseARN(...)
        github.com/weaveworks/eksctl/pkg/apis/eksctl.io/v1alpha5/access_entry.go:115
github.com/weaveworks/eksctl/pkg/actions/accessentry.doBuildAccessEntry({0x10895bd38, 0x14000b9b2c0})
        github.com/weaveworks/eksctl/pkg/actions/accessentry/migrator.go:307 +0x5e8
github.com/weaveworks/eksctl/pkg/actions/accessentry.doFilterAccessEntries({0x140000ff180, 0x6, 0x10b0c72e0?}, {0x14000b104c0, 0x1, 0x0?})
        github.com/weaveworks/eksctl/pkg/actions/accessentry/migrator.go:253 +0x4a0
github.com/weaveworks/eksctl/pkg/actions/accessentry.(*Migrator).MigrateToAccessEntry(0x14000559500, {0x1089593a8?, 0x10b0c72e0}, {{0x106a81301?, 0x0?}, 0x0?, 0x0?})
        github.com/weaveworks/eksctl/pkg/actions/accessentry/migrator.go:100 +0x530
github.com/weaveworks/eksctl/pkg/ctl/utils.doMigrateToAccessEntry(0x1400087afc0, {{0x106a81301?, 0x0?}, 0x0?, 0x0?})
        github.com/weaveworks/eksctl/pkg/ctl/utils/migrate_to_access_entry.go:76 +0x49c
github.com/weaveworks/eksctl/pkg/ctl/utils.migrateAccessEntryCmd.func3(0x140008b1700?, {0x14000235a40?, 0x4?, 0x106a5565d?})
        github.com/weaveworks/eksctl/pkg/ctl/utils/migrate_to_access_entry.go:35 +0x8c
github.com/spf13/cobra.(*Command).execute(0x140008bc600, {0x14000235a00, 0x4, 0x4})
        github.com/spf13/[email protected]/command.go:983 +0x840
github.com/spf13/cobra.(*Command).ExecuteC(0x14000644900)
        github.com/spf13/[email protected]/command.go:1115 +0x344
github.com/spf13/cobra.(*Command).Execute(...)
        github.com/spf13/[email protected]/command.go:1039
main.main()
        github.com/weaveworks/eksctl/cmd/eksctl/main.go:102 +0x4c0

Anything else we need to know?

Versions

eksctl info
eksctl version: 0.190.0
kubectl version: v1.31.1
OS: darwin

[github-actions]

Hello AdamDomagalsky 👋 Thank you for opening an issue in eksctl project. The team will review the issue and aim to respond within 1-5 business days. Meanwhile, please read about the Contribution and Code of Conduct guidelines here. You can find out more information about eksctl on our website