V,
Can you point me to the config files, properties, environment
variables that Openshift may use to pass my AWS permissions to the Kubernetes
api? As I previously said, my aws cli works fine, but it seems like the AWS
permissions I have on my command line aren’t passed on by the oc cli to the
kubernetes api.
It’s probable I’ve screwed up a config somewhere. I could use
help in in where and what to look for.
Thanks,
-David
From: Vyacheslav Semushin [mailto:[email protected]]
Sent: Friday, March 24, 2017 3:22 PM
To: Jordan Liggitt <[email protected]>
Cc: David VOGEL <[email protected]>; [email protected]
Subject: Re: error querying AWS EBS volume from 'oc create'
Based on the error I suppose that it fails on this line:
https://github.com/kubernetes/kubernetes/blob/master/pkg/cloudprovider/providers/aws/aws.go#L618
Looks like OpenShift uses a wrong credentials. Is it possible?
David, could you check whether your AWS credentials are configured correctly?
https://docs.openshift.com/enterprise/3.2/install_config/configuring_aws.html
2017-03-24 19:52 GMT+01:00 Jordan Liggitt
<[email protected]<mailto:[email protected]>>:
I'm assuming that request was made as the cluster admin using the certificate
credentials. The 403 is not coming from the API server's authorization (or it
would indicate which user was rejected), it is coming from something the API
server is doing internally.
Looks like here:
https://github.com/kubernetes/kubernetes/blob/master/plugin/pkg/admission/persistentvolume/label/admission.go#L86
--
Slava Semushin | OpenShift
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
