Difference between revisions of "Error: reading inline policies for IAM role"

│ Error: reading inline policies for IAM role mycluster-eks-node-group-2023100555912474437000009, error: AccessDenied: User: 
arn:aws:sts::0123456789:assumed-role/my-eks-github-runner-downstream-clusters/gitHubSession is not authorized to perform: 
iam:GetRolePolicy on resource: role mycluster-eks-node-group-20231005094627443707000009 because no identity-based policy allows 
the iam:GetRolePolicy action
│ 	status code: 403, request id: 0416d35a-fddd-4597-a53d-a640599e68bb
│ 
│   with module.downstream-clusters-EKS.module.eks.module.eks_managed_node_group["default_node_group"].aws_iam_role.this[0],
│   on .terraform/modules/EKS.eks/modules/eks-managed-node-group/main.tf line 417, in resource "aws_iam_role" "this":
│  417: resource "aws_iam_role" "this" {
│ 
╵
Error: Process completed with exit code 1.

Related

• mapRoles:

See also

• AWS IAM role, AWS service roles, AWS IAM Roles Anywhere: [ list-roles | get-role | create-role | put-role-policy | create-service-linked-role | attach-role-policy | update-role | add-role-to-instance-profile ], aws ec2 describe-iam-instance-profile-associations ], IAM roles for EC2 instances, AWSServiceRoleForAutoScaling
• IAM: AWS IAM Identity Center, AWS Identity and Access Management, Google Cloud IAM, Azure IAM, SailPoint, CyberArk, CIAM, ForgeRock, iam:ChangePassword, aws iam, AdministratorAccess, Context keys, IAM Access Analyzer, AWS policy, AWS managed policies, IAMUserChangePassword, AWS Roles, List of AWS policies, Resource-based policy, aws-iam-authenticator, IRSA, RDS Authentication, AccessDenied, AWS Authentication, AWS IAM external access analyzer