amazon-eks-pod-identity-webhook icon indicating copy to clipboard operation
amazon-eks-pod-identity-webhook copied to clipboard

Published 20 hours ago verified publisher icon aws

Invalid k8s service account token

Open fhalde opened this issue 7 months ago • 5 comments

What happened: The file /var/run/secrets/eks.amazonaws.com/serviceaccount/token contained a malformed token of the form

<token> 11:11:49.782386   40364 v3.go:79] EOF

What you expected to happen: The token should not have been malformed

How to reproduce it (as minimally and precisely as possible): Not reproducible

Anything else we need to know?: Since the token was malformed, and since we use EKS IRSA, the AWS STS call was failing

Environment: EKS

  • AWS Region: sa-east-1
  • EKS Platform version (if using EKS, run aws eks describe-cluster --name <name> --query cluster.platformVersion): eks.7
  • Kubernetes version (if using EKS, run aws eks describe-cluster --name <name> --query cluster.version): 1.29
  • Webhook Version: unsure

fhalde avatar Jul 26 '24 12:07 fhalde