[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: error querying AWS EBS volume from 'oc create'


               Can you point me to the config files, properties, environment variables that Openshift may use to pass my AWS permissions to the Kubernetes api? As I previously said, my aws cli works fine, but it seems like the AWS permissions I have on my command line aren’t passed on by the oc cli to the kubernetes api.

               It’s probable I’ve screwed up a config somewhere. I could use help in in where and what to look for.




From: Vyacheslav Semushin [mailto:vsemushi redhat com]
Sent: Friday, March 24, 2017 3:22 PM
To: Jordan Liggitt <jliggitt redhat com>
Cc: David VOGEL <David Vogel raytheon com>; users lists openshift redhat com
Subject: Re: error querying AWS EBS volume from 'oc create'


Based on the error I suppose that it fails on this line: https://github.com/kubernetes/kubernetes/blob/master/pkg/cloudprovider/providers/aws/aws.go#L618


Looks like OpenShift uses a wrong credentials. Is it possible?

David, could you check whether your AWS credentials are configured correctly?




2017-03-24 19:52 GMT+01:00 Jordan Liggitt <jliggitt redhat com>:

I'm assuming that request was made as the cluster admin using the certificate credentials. The 403 is not coming from the API server's authorization (or it would indicate which user was rejected), it is coming from something the API server is doing internally.

Looks like here: https://github.com/kubernetes/kubernetes/blob/master/plugin/pkg/admission/persistentvolume/label/admission.go#L86


Slava Semushin | OpenShift

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]