You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When running eksctl utils migrate-to-pod-identity --approve without the --remove-oidc-provider-trust-relationship flag, eksctl adds a new trust relationship for the pods.eks.amazonaws.com principal without removing the service account's role annotation, but a subsequent rerun causes it to fail with this error:
Error: creating pod identity association for service account "test" in namespace "kube-system": operation error EKS: CreatePodIdentityAssociation, https response error StatusCode: 409, RequestID: <redacted>, ResourceInUseException: Association already exists: <redacted>
cPu1
changed the title
migrate-to-pod-identity fails after rerunning with --remove-oidc-provider-trust-relationshipmigrate-to-pod-identity fails with pod identity association already exists
May 9, 2024
cPu1
changed the title
migrate-to-pod-identity fails with pod identity association already existsmigrate-to-pod-identity fails with "Association already exists"
May 9, 2024
When running
eksctl utils migrate-to-pod-identity --approve
without the--remove-oidc-provider-trust-relationship
flag, eksctl adds a new trust relationship for thepods.eks.amazonaws.com
principal without removing the service account's role annotation, but a subsequent rerun causes it to fail with this error:Sample config:
Steps to reproduce
eksctl utils migrate-to-pod-identity -f cluster.yaml --approve
eksctl utils migrate-to-pod-identity -f cluster.yaml --approve
againThe text was updated successfully, but these errors were encountered: