This message was deleted.

You need to create IAM user with permissions from to following doc:

thanks I will give it a try and share the status...Thanks for your help

@calm-exabyte-238 This link https://rancher-users.slack.com/archives/C3ASABBD1/p1671025623437609?thread_ts=1671020807.088559&cid=C3ASABBD1 has too much permissions i believe. What if someone doesn't want rancher to manage

nodegroup

create / delete. just purely able to import the cluster and use rancher UI to navigate to k8s resources. Not questioning your help just we are in a situation where

we deleting some nodegroups

and rancher creating them automatically which is bad and we don't want for our usecase. we are just importing EKS cluster.

Yes i understand. Had the same situation. Just don't give the permissions to create/delete node groups. The minimum permissions that works for me is eks:list/read .... If you just want to use rancher to browse the EKS clusters you can use the snippet below or at least I am using it and it works as expected. Note that i am not in the Rancher team. I am just sharing my experience

{

{

"Sid": "KMSPermisssions",

"Effect": "Allow",

"Action": "kms:ListKeys",

"Resource": "*"

},

{

"Sid": "EKSPermisssions",

"Effect": "Allow",

"Action": [

"eks:UpdateClusterConfig",

"eks:UntagResource",

"eks:TagResource",

"eks:ListUpdates",

"eks:ListTagsForResource",

"eks:ListNodegroups",

"eks:ListFargateProfiles",

"eks:ListClusters",

"eks:DescribeUpdate",

"eks:DescribeNodegroup",

"eks:DescribeFargateProfile",

"eks:DescribeCluster"

],

"Resource": "*"

}

]

}

I thought so but thanks a lot @calm-exabyte-238 i will give it a try. Appreciate the help