Hi, At the moment i am using Pulumi with IAM user ...
# general
b
Hi, at the moment I am using Pulumi with an IAM user to manage my AWS infrastructure. Creating the EKS cluster works just fine: the cluster is created and I have all the necessary resources. On deletion, on the other hand, I receive an error.

From the IAM user side it says I do not have permission to perform this action, which is of course true because the IAM user should not be able to delete every resource, only the resources which he/she has created, as in pic 1:

From the admin side, however, it says that this resource cannot be found, as in pic 2:

How can I resolve this issue? Any suggestions would be appreciated. Somewhere in creating or deleting the cluster Pulumi is affecting the process and I do not know why and how.
m
This is an AWS IAM policy problem.
For your IAM user you need to add to its policy eks:DeleteCluster for that cluster ARN.
For your admin user: are you sure you are targeting the same AWS account?
b
The eks:DeleteCluster is attached to the IAM user, and yes, the admin user is targeting the same AWS account.
m
AWS has an IAM Policy Simulator where you can test if the user can delete that specific cluster: https://policysim.aws.amazon.com/home/index.jsp?#