'aws secrets caching describeSecrets error

I am trying to implement a caching for the secrets stored in aws KMS, using this blog post.

Locally when I test the code, the script runs fine. At the moment I am unsure if it fetches from KMS or use credentials from ~/.aws folder. But when I push the code to kubernetes cluster and try to test their I get the error no identity based policy allows the secretsmanager:DescribeSecret action

Can somebody please help how to resolve this error.

aws-secrets-manager


Solution 1:[1]

It is probably because your local code is using your ~/.aws credentials, which have rights to describe secrets secretsmanager:DescribeSecret.

Check if the permissions given to your kubernetes cluster have rights to describe secrets secretsmanager:DescribeSecret

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Nicollas Braga

Related Questions

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Terraform update Route53 DOMAIN NameServers

Amazon AWS S3 to Force Download Mp3 File instead of Stream It

How to enable terraform module only with a specific workspace

AWS RDS Postgres: WAL_LEVEL not set to 'logical' after changing rds.logical_replication = 1

Use terraform to set up a lambda function triggered by a scheduled event source

Use terraform to set up a lambda function triggered by a scheduled event source

Self stopping EC2 once task complete?

AWS - SWF - Asynchronous method

Why my cloudformation template is over 1 MB?

AWS elastic beanstalk - WARN install EACCES: permission denied, access '/tmp/.npm'

Aws step functions - Resume from failed step function activity instead of starting a new execution

Redirect Elastic Beanstalk URL to domain name

node-lambda - TypeError: handler is not a function