Hey Guys, I’m trying to create an aws eks cluster and i’m running into IAM authorizations error about “AssumeRole”, this is the output :

arn:aws:iam::111111111:user/pulumi-dev is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::111111111:user/pulumi-dev

I created a group for this user, gave it the sufficient permissions, also created a role that have this as the trust relationship :

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::076477451822:user/pulumi-dev"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

can you guys refer me to the right way to do this ? Thanks, Raz.

How did you solve it? Someone else may find this question in the future 🙂

Was it that the assuming was being done by a group, but the assumption was trusting a user?

Reading about aws roles and role-assuming made it more easier for me 🙂