-
Notifications
You must be signed in to change notification settings - Fork 175
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Invalid k8s service account token #232
Comments
hi, could someone be able to help here? |
I had the same problem. Use the pod
Token requests STS to report the following error
|
@ccx0lw did you check the contents of |
It's all right now. I checked the IAM as described in the documentation here. It turns out to be the OIDC Audience, with no sts.amazonaws.com |
thank you |
What happened:
The file /var/run/secrets/eks.amazonaws.com/serviceaccount/token contained a malformed token of the form
What you expected to happen:
The token should not have been malformed
How to reproduce it (as minimally and precisely as possible):
Not reproducible
Anything else we need to know?:
Since the token was malformed, and since we use EKS IRSA, the AWS STS call was failing
Environment: EKS
aws eks describe-cluster --name <name> --query cluster.platformVersion
): eks.7aws eks describe-cluster --name <name> --query cluster.version
): 1.29The text was updated successfully, but these errors were encountered: