Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error RBAC for vpcAssociationPolicies missing update status #531

Closed
allamand opened this issue Nov 20, 2023 · 1 comment
Closed

Error RBAC for vpcAssociationPolicies missing update status #531

allamand opened this issue Nov 20, 2023 · 1 comment
Assignees
@mikhail-aws
Labels
bug Something isn't working
Milestone
Release v1.0.1

Comments

@allamand
Copy link
Contributor

The controller needs to update the status of vpcAssociationPolicies objects, but it is missing when deployed with the helm chart

aws-gateway-api-controller-aws-gateway-controller-chart-5fhcqpx manager {"level":"info","ts":"2023-11-20T14:58:24.802Z","logger":"controller.vpc-association-policy","caller":"controllers/vpcassociationpolicy_controller.go:82","msg":"reconcile error, retry in 30 sec: vpcassociationpolicies.application-networking.k8s.aws \"app-services-gw\" is forbidden: User \"system:serviceaccount:aws-application-networking-system:gateway-api-controller\" cannot update resource \"vpcassociationpolicies/status\" in API group \"application-networking.k8s.aws\" in the namespace \"app-services-gw\""}
@zijun726911 zijun726911 added the bug Something isn't working label Nov 20, 2023
@zijun726911
Copy link
Contributor

Thanks for reporting this bug, we will fix it asap. Seems the controller miss the vpcassociationpolicies/status and targetgrouppolicies/status permission in the:
https://github.com/aws/aws-application-networking-k8s/blob/6dcbd36f924d0d48929a7ca60bfc1b96435b3a71/config/rbac/cluster-role-controller.yaml
https://github.com/aws/aws-application-networking-k8s/blob/6dcbd36f924d0d48929a7ca60bfc1b96435b3a71/helm/templates/cluster-role-controller.yaml

@solmonk solmonk added this to the Release v1.0.1 milestone Nov 20, 2023
@mikhail-aws mikhail-aws self-assigned this Nov 20, 2023
@mikhail-aws mikhail-aws mentioned this issue Nov 20, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mikhail-aws mikhail-aws

Labels
bug Something isn't working
Projects
None yet
Milestone
Release v1.0.1
Development

No branches or pull requests
4 participants
@solmonk @allamand @zijun726911 @mikhail-aws