You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I tried to have eks in aws acount A and route53 zones in account B, and got error as
time="2024-12-13T11:37:45Z" level=error msg="Failed to do run once: soft error\nrecords retrieval failed: soft error\nfailed to list hosted zones: AccessDenied: User: arn:aws:sts::{ account id }:assumed-role/{{ role name}} is not authorized to perform: route53:ListHostedZones because no identity-based policy allows the route53:ListHostedZones action\n\tstatus code: 403, request id: d49bf6e1-755d-425a-9b75-f7f7092bfb4f"
while I tested with assume role outside of eks with my local cli and it works.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I tried to have eks in aws acount A and route53 zones in account B, and got error as
while I tested with assume role outside of eks with my local cli and it works.
AWS support chained assume role https://docs.aws.amazon.com/eks/latest/userguide/cross-account-access.html, but not sure whether external-dns has implemented it or not.
Beta Was this translation helpful? Give feedback.
All reactions