This repository has been archived by the owner on Jul 26, 2022. It is now read-only.
"Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1","code":"CredentialsError #715
lucasvieirazup
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
I'm trying to find any error in the chart about miss configuration, appear this message in the api kubernetes-external:
{"level":50,"message_time":"2021-04-23T13:13:53.280Z","pid":17,"hostname":"k8s-vivo-ext-kubernetes-external-secrets-7558dbcd8b-9btn2","payload":{"message":"Missing credentials in config, if using AWS_CONFIG_FILE, set l-secrets:
AWS_SDK_LOAD_CONFIG=1","code":"CredentialsError","time":"2021-04-23T13:13:53.280Z","requestId":"170f88a7-a83c-4816-9d1c-9b026725c10c","statusCode":403,"retryable":false,"retryDelay":95.98201895564404,"originalError":{"message":"Could not load credentials from ChainableTemporaryCredentials","code":"CredentialsError","time":"2021-04-23T13:13:53.280Z","requestId":"170f88a7-a83c-4816-9d1c-9b026725c10c","statusCode":403,"retryable":false,"retryDelay":95.98201895564404,"originalError":{"message":"User: arn:aws:sts::xxxxxxxxxxxx:assumed-role/eksRoleNode/i-0d7eadfb581567e5f is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::330482684181:role/webserver-secrets-role","code":"AccessDenied","time":"2021-04-23T13:13:53.280Z","requestId":"170f88a7-a83c-4816-9d1c-9b026725c10c","statusCode":403,"retryable":false,"retryDelay":95.98201895564404}}},"msg":"failure while polling the secret prod/db-applications"}
I Added AWS_INTERMEDIATE_ROLE_ARN as a Role for eksRoleNode (Is the Role of Nodes in my EKS) and i attached a policy for access a secret manager on that.
My policy to access the secret manager is like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"secretsmanager:GetResourcePolicy",
"secretsmanager:GetSecretValue",
"secretsmanager:DescribeSecret",
"secretsmanager:ListSecretVersionIds"
],
"Resource": [
"arn:aws:secretsmanager:sa-east-1:xxxxxxxxxxxxx:secret:secret-application-xxxxx",
"arn:aws:secretsmanager:sa-east-1:xxxxxxxxxxxxx:secret:secret-subscription-xxxx",
"arn:aws:secretsmanager:sa-east-1:xxxxxxxxxxxxx:secret:secret-wallet-xxx",
"arn:aws:secretsmanager:sa-east-1:xxxxxxxxxxxxx:secret:secret-camunda-xxxx,
"arn:aws:secretsmanager:sa-east-1:xxxxxxxxxxxxx:secret:secret-password-xxxxx",
"arn:aws:secretsmanager:sa-east-1:xxxxxxxxxxxxx:secret:secret-user-xxxxx",
"arn:aws:secretsmanager:sa-east-1:xxxxxxxxxxxxx:secret:secret-cluster-password-xxx"
]
}
]
}
I my ExternalSecret where i'm deployed, appears the same error of:
db-applications 9s ERROR, Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1
Any sugestion about it?
Beta Was this translation helpful? Give feedback.
All reactions