Menu
When attempting to create a fargate profile with amazon eks (using command eksctl create cluster --name myclustername --version 1.14 --fargate), I get the
[✔] all EKS cluster resources for "myclustername" have been created
[✔] saved kubeconfig as "/home/connor/.kube/config"
[ℹ] creating Fargate profile "fp-default" on EKS cluster "myclustername"
Error: failed to create Fargate profile "fp-default" on EKS cluster "myclustername": failed to create Fargate profile "fp-default": AccessDeniedException: Account 339969016160 is not authorized to use this service
status code: 403, request id: 1db7cf38-002e-48b8-8fa6-8a7b7eab324d
Any ideas on what permissions I need to add to get around this? I prefer to do all administration through cli, wherever possible
283
The Fargate profile allows an administrator to declare which pods run on Fargate and specify which pods run on which Fargate profile. This declaration is done through the profile's selectors. Each profile can have up to five selectors that contain a namespace and labels. A namespace is required for every selector.
Open the Amazon EKS console at https://console.aws.amazon.com/eks/home#/clusters . Choose the cluster to create a Fargate profile for. Choose the Compute tab. Under Fargate profiles, choose Add Fargate profile.
So, Fargate isn't an alternative to or competitor with EKS or ECS. Instead, think of Fargate as an optional “deployment mode” that can – but does not necessarily have to – be used in conjunction with one of AWS's container services to manage the way infrastructure is set up and containers are deployed onto it.
AWS Fargate with Amazon EKS is available in all Amazon EKS Regions except AWS GovCloud (US-East) and AWS GovCloud (US-West). Each pod that runs on Fargate has its own isolation boundary. They don't share the underlying kernel, CPU resources, memory resources, or elastic network interface with another pod.
Error is hideous in that it suggests it is a permissions issue, while really the problem is that fargate with EKS (kubernetes) is only supported in four regions as of January 12th 2020:
Region Name Region
US East (Ohio) us-east-2
US East (N. Virginia) us-east-1
Asia Pacific (Tokyo) ap-northeast-1
EU (Ireland) eu-west-1
See: https://docs.aws.amazon.com/eks/latest/userguide/fargate.html
Although not apparent in your note, I suspect you are trying to use a region not on the above list.
Note that fargate is available on more regions as long as it is not used in conjunction with EKS.
57
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
