Error loading Namespaces. Unauthorized: Verify you have access to the Kubernetes cluster

Question

I have created a EKS cluster using the the command line eksctl and verified that the application is working fine.

But noticing a strange issue, when i try yo access the nodes in the cluster in the web browser i see the following error

Error loading Namespaces
Unauthorized: Verify you have access to the Kubernetes cluster

I am able to see the nodes using kubectl get nodes

I am logged in as the admin user. Any help on how to workaround this would be really great. Thanks.

Answer 1

You will need to add your IAM role/user to your cluster's aws-auth config map

Basic steps to follow taken from https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html

kubectl edit -n kube-system configmap/aws-auth

# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
data:
  mapRoles: |
    - rolearn: <arn:aws:iam::111122223333:role/eksctl-my-cluster-nodegroup-standard-wo-NodeInstanceRole-1WP3NUE3O6UCF>
      username: <system:node:{{EC2PrivateDNSName}}>
      groups:
        - <system:bootstrappers>
        - <system:nodes>
  mapUsers: |
    - userarn: <arn:aws:iam::111122223333:user/admin>
      username: <admin>
      groups:
        - <system:masters>
    - userarn: <arn:aws:iam::111122223333:user/ops-user>
      username: <ops-user>
      groups:
        - <system:masters>

Answer 2

Also seeing this error and it got introduced by the latest addition to EKS, see https://aws.amazon.com/blogs/containers/introducing-the-new-amazon-eks-console/

Since then, the console makes requests to EKS in behalf of the user or role you are logged in.

So make sure the kube-system:aws-auth configmap has that user or role added.

This user/role might not be the same you are using locally with AWS CLI, hence kubectl might work while you still see that error !