HiveBrain v1.2.0
Get Started
← Back to all entries
debugMinor

Cannot configure node group in new EKS cluster due to no Node IAM role found

Submitted by: @import:stackexchange-devops··
0
Viewed 0 times
cannotdueiamnewgroupnoderolefoundeksconfigure

Problem

I've created a new EKS cluster, and am trying to add a new node group to it.

I'm stuck on selecting a Node IAM Role from the dropdown.

I followed the link, and created all options for roles I could see fit, still none appear in the dropdown.

Note: currently I don't really care about restricting access, I'm only trying to run some POC against EKS with a test account.

Solution

This is actually pretty well described in the docs.

Before you create worker nodes, you must create an IAM role with the
following IAM policies:

AmazonEKSWorkerNodePolicy

AmazonEKS_CNI_Policy

AmazonEC2ContainerRegistryReadOnly

Also you need to make sure that this role could be assumed by EKS.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "ec2.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Code Snippets

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "ec2.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Context

StackExchange DevOps Q#11722, answer score: 6

Revisions (0)

No revisions yet.