Error: reading inline policies for IAM role
│ Error: reading inline policies for IAM role mycluster-eks-node-group-2023100555912474437000009, error: AccessDenied: User: arn:aws:sts::0123456789:assumed-role/my-eks-github-runner-downstream-clusters/gitHubSession is not authorized to perform: iam:GetRolePolicy on resource: role mycluster-eks-node-group-20231005094627443707000009 because no identity-based policy allows the iam:GetRolePolicy action │ status code: 403, request id: 0416d35a-fddd-4597-a53d-a640599e68bb │ │ with module.downstream-clusters-EKS.module.eks.module.eks_managed_node_group["default_node_group"].aws_iam_role.this[0], │ on .terraform/modules/EKS.eks/modules/eks-managed-node-group/main.tf line 417, in resource "aws_iam_role" "this": │ 417: resource "aws_iam_role" "this" { │ ╵ Error: Process completed with exit code 1.
Related
See also
aws_iam_role: assume_role_policy, iam:CreateRole
- AWS IAM role, AWS service roles, AWS IAM Roles Anywhere: [
list-roles | get-role | create-role | put-role-policy | create-service-linked-role | attach-role-policy | update-role | add-role-to-instance-profile ], aws ec2 describe-iam-instance-profile-associations ]
, IAM roles for EC2 instances,AWSServiceRoleForAutoScaling
Advertising: