In order for the X-Ray daemon to communicate with the service, we need to add a policy to the worker nodes’ AWS Identity and Access Management (IAM) role.
First, we will need to ensure the Role Name our workers use is set in our environment:
test -n "$ROLE_NAME" && echo ROLE_NAME is "$ROLE_NAME" || echo ROLE_NAME is not set
If ROLE_NAME is not set, please review: /030_eksctl/test/
# Example Output
ROLE_NAME is eks-workshop-nodegroup
aws iam attach-role-policy --role-name $ROLE_NAME \
--policy-arn arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess