eksctl
eksctl copied to clipboard
eksctl-io
[Bug] panic: arn: invalid prefix while running migrate-to-access-entry
What were you trying to accomplish?
Trying to Migrate IAM identity mappings to access entries
What happened?
Getting panic: arn: invalid prefix
How to reproduce it?
Run eksctl utils migrate-to-access-entry --cluster cluster-name -v 4
Logs
2024-09-24 22:17:21 [▶] Setting credentials expiry window to 30 minutes
2024-09-24 22:17:22 [▶] role ARN for the current session is "arn:aws:sts::012345678910:assumed-role/role-xxx/env-name"
2024-09-24 22:17:23 [▶] cluster = &types.Cluster{AccessConfig:(*types.AccessConfigResponse)(0x14000b31720), Arn:(*string)(0x1400064a0f0), CertificateAuthority:(*types.Certificate)(0x1400064a100), ClientRequestToken:(*string)(nil), ConnectorConfig:(*types.ConnectorConfigResponse)(nil), CreatedAt:time.Date(2021, time.March, 22, 6, 21, 22, 95000000, time.UTC), EncryptionConfig:[]types.EncryptionConfig(nil), Endpoint:(*string)(0x1400064a120), Health:(*types.ClusterHealth)(0x14000b31700), Id:(*string)(nil), Identity:(*types.Identity)(0x1400064a3b0), KubernetesNetworkConfig:(*types.KubernetesNetworkConfigResponse)(0x140008c9b60), Logging:(*types.Logging)(0x14000b316c0), Name:(*string)(0x1400064a0d0), OutpostConfig:(*types.OutpostConfigResponse)(nil), PlatformVersion:(*string)(0x1400064a440), ResourcesVpcConfig:(*types.VpcConfigResponse)(0x14000245030), RoleArn:(*string)(0x1400064a340), Status:"ACTIVE", Tags:map[string]string{"alpha.eksctl.io/cluster-oidc-enabled":"true", "env":"cluster-name", "managed_by":"eksctl"}, UpgradePolicy:(*types.UpgradePolicyResponse)(0x140006a89a8), Version:(*string)(0x1400064a390), noSmithyDocumentSerde:document.NoSerde{}}
2024-09-24 22:17:23 [ℹ] current cluster authentication mode is API_AND_CONFIG_MAP; target cluster authentication mode is API_AND_CONFIG_MAP
2024-09-24 22:17:26 [▶] aws-auth = {
"metadata": {
"name": "aws-auth",
"namespace": "kube-system",
"uid": "<uuid>",
"resourceVersion": "2137",
"creationTimestamp": "2021-03-22T06:38:55Z",
"managedFields": [
{
"manager": "kubectl-edit",
"operation": "Update",
"apiVersion": "v1",
"time": "2024-09-20T10:27:12Z",
"fieldsType": "FieldsV1",
"fieldsV1": {
"f:data": {
"f:mapUsers": {}
}
}
},
{
"manager": "eksctl",
"operation": "Update",
"apiVersion": "v1",
"time": "2024-09-24T11:59:14Z",
"fieldsType": "FieldsV1",
"fieldsV1": {
"f:data": {
".": {},
"f:mapRoles": {}
}
}
}
]
},
"data": {
"mapRoles": "- groups:\n - system:masters\n username: user-1\n- groups:\n - system:masters\n rolearn: arn:aws:iam::012345678910:role/role-xxx\n username: admin\n- groups:\n - system:bootstrappers\n - system:nodes\n rolearn: arn:aws:iam::012345678910:role/eksctl-cluster-name-nodegr-nodeinstancerole-v1234\n username: system:node:{{ec2privatednsname}}\n- groups:\n - system:bootstrappers\n - system:nodes\n rolearn: arn:aws:iam::012345678910:role/eksctl-cluster-name-nodegr-NodeInstanceRole-v4321\n username: system:node:{{EC2PrivateDNSName}}\n- groups:\n - system:masters\n rolearn: arn:aws:iam::012345678910:role/user-1-pod-identity\n username: user-1-pod-identity\n",
"mapUsers": "- groups:\n - system:masters\n userarn: arn:aws:iam::012345678910:user/cluster-name-access-user\n username: admin\n"
}
}
panic: arn: invalid prefix
goroutine 1 [running]:
github.com/weaveworks/eksctl/pkg/apis/eksctl.io/v1alpha5.MustParseARN(...)
github.com/weaveworks/eksctl/pkg/apis/eksctl.io/v1alpha5/access_entry.go:115
github.com/weaveworks/eksctl/pkg/actions/accessentry.doBuildAccessEntry({0x10895bd38, 0x14000b9b2c0})
github.com/weaveworks/eksctl/pkg/actions/accessentry/migrator.go:307 +0x5e8
github.com/weaveworks/eksctl/pkg/actions/accessentry.doFilterAccessEntries({0x140000ff180, 0x6, 0x10b0c72e0?}, {0x14000b104c0, 0x1, 0x0?})
github.com/weaveworks/eksctl/pkg/actions/accessentry/migrator.go:253 +0x4a0
github.com/weaveworks/eksctl/pkg/actions/accessentry.(*Migrator).MigrateToAccessEntry(0x14000559500, {0x1089593a8?, 0x10b0c72e0}, {{0x106a81301?, 0x0?}, 0x0?, 0x0?})
github.com/weaveworks/eksctl/pkg/actions/accessentry/migrator.go:100 +0x530
github.com/weaveworks/eksctl/pkg/ctl/utils.doMigrateToAccessEntry(0x1400087afc0, {{0x106a81301?, 0x0?}, 0x0?, 0x0?})
github.com/weaveworks/eksctl/pkg/ctl/utils/migrate_to_access_entry.go:76 +0x49c
github.com/weaveworks/eksctl/pkg/ctl/utils.migrateAccessEntryCmd.func3(0x140008b1700?, {0x14000235a40?, 0x4?, 0x106a5565d?})
github.com/weaveworks/eksctl/pkg/ctl/utils/migrate_to_access_entry.go:35 +0x8c
github.com/spf13/cobra.(*Command).execute(0x140008bc600, {0x14000235a00, 0x4, 0x4})
github.com/spf13/[email protected]/command.go:983 +0x840
github.com/spf13/cobra.(*Command).ExecuteC(0x14000644900)
github.com/spf13/[email protected]/command.go:1115 +0x344
github.com/spf13/cobra.(*Command).Execute(...)
github.com/spf13/[email protected]/command.go:1039
main.main()
github.com/weaveworks/eksctl/cmd/eksctl/main.go:102 +0x4c0
Anything else we need to know?
Versions
eksctl info
eksctl version: 0.190.0
kubectl version: v1.31.1
OS: darwin
Hello AdamDomagalsky :wave: Thank you for opening an issue in eksctl project. The team will review the issue and aim to respond within 1-5 business days. Meanwhile, please read about the Contribution and Code of Conduct guidelines here. You can find out more information about eksctl on our website
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
This issue was closed because it has been stalled for 5 days with no activity.