diff --git a/lib/integrations/awsoidc/eks_enroll_clusters.go b/lib/integrations/awsoidc/eks_enroll_clusters.go
index 07d7644b50b0a..f0c6abb5c8f19 100644
--- a/lib/integrations/awsoidc/eks_enroll_clusters.go
+++ b/lib/integrations/awsoidc/eks_enroll_clusters.go
@@ -332,6 +332,7 @@ func enrollEKSCluster(ctx context.Context, log logrus.FieldLogger, clock clockwo
if alreadyInstalled, err := clt.CheckAgentAlreadyInstalled(ctx, kubeClientGetter, log); err != nil {
return "", trace.Wrap(err, "could not check if teleport-kube-agent is already installed.")
} else if alreadyInstalled {
+ // Web UI relies on the text of this error message. If changed, sync with EnrollEksCluster.tsx
return "", trace.AlreadyExists("teleport-kube-agent is already installed on the cluster %q", clusterName)
}
diff --git a/web/packages/teleport/src/Discover/Kubernetes/EnrollEKSCluster/EnrollEksCluster.tsx b/web/packages/teleport/src/Discover/Kubernetes/EnrollEKSCluster/EnrollEksCluster.tsx
index 699e3456d7ca0..308360c077b8a 100644
--- a/web/packages/teleport/src/Discover/Kubernetes/EnrollEKSCluster/EnrollEksCluster.tsx
+++ b/web/packages/teleport/src/Discover/Kubernetes/EnrollEKSCluster/EnrollEksCluster.tsx
@@ -17,7 +17,7 @@
*/
import React, { useState, useCallback } from 'react';
-import { Box, ButtonSecondary, ButtonText, Text, Toggle } from 'design';
+import { Box, ButtonSecondary, ButtonText, Link, Text, Toggle } from 'design';
import styled from 'styled-components';
import { FetchStatus } from 'design/DataTable/types';
import { Danger } from 'design/Alert';
@@ -218,7 +218,12 @@ export function EnrollEksCluster(props: AgentStepProps) {
emitErrorEvent(
'unknown error: no results came back from enrolling the EKS cluster.'
);
- } else if (result.error) {
+ } else if (
+ result.error &&
+ !result.error.message.includes(
+ 'teleport-kube-agent is already installed on the cluster'
+ )
+ ) {
setEnrollmentState({
status: 'error',
error: `Cluster enrollment error: ${result.error}`,
@@ -294,6 +299,17 @@ export function EnrollEksCluster(props: AgentStepProps) {
{fetchClustersAttempt.statusText}
)}
+ Note: EKS enrollment will work only with clusters that have
+ access entries authentication mode enabled, see{' '}
+
+ documentation.
+
+
+
Select the AWS Region you would like to see EKS clusters for:
- Or click here to see instructions for manual enrollment
+ Or enroll manually