@shinyaz

ArgoCD doesn't auto-recover from IAM errors — use hard refresh


While testing CodeCommit integration with EKS ArgoCD Capability, I forgot to attach codecommit:GitPull before creating the Application. The AccessDeniedException showed up in status.conditions, so I added the IAM policy and waited — but the same error persisted for over 90 seconds.

ArgoCD backs off its retry interval on errors, so fixing the policy doesn't trigger an immediate retry. A manual hard refresh got the deployment going in about 15 seconds.

Terminal
kubectl annotate application <app-name> -n argocd \
  argocd.argoproj.io/refresh=hard --overwrite

After fixing IAM-related errors, don't wait for polling — use this annotation for an immediate retry. Full verification details here.
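An added example, not from the original post: a POSIX shell wrapper around the hard-refresh annotation above that annotates only while the error is still listed in status.conditions, then polls until it clears. The function names, the default match string and the timeout and interval defaults are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Names and defaults are assumptions.

# Print one "type: message" line per entry in status.conditions.
app_conditions() {
  kubectl get application "$1" -n "${2:-argocd}" \
    -o jsonpath='{range .status.conditions[*]}{.type}{": "}{.message}{"\n"}{end}'
}

# Succeed if any condition line contains the fixed string $3.
has_error() {
  app_conditions "$1" "$2" | grep -F -q -- "$3"
}

# The hard-refresh annotation from the post.
hard_refresh() {
  kubectl annotate application "$1" -n "${2:-argocd}" \
    argocd.argoproj.io/refresh=hard --overwrite
}

# refresh_until_clear APP [NAMESPACE] [ERROR_STRING] [TIMEOUT_S] [INTERVAL_S]
# Returns 0 = error absent or cleared, 1 = still present at timeout,
#         2 = the annotate call itself failed.
refresh_until_clear() {
  _app=$1; _ns=${2:-argocd}; _err=${3:-AccessDeniedException}
  _timeout=${4:-60}; _interval=${5:-5}; _waited=0

  # Nothing to do if the error is not currently reported.
  has_error "$_app" "$_ns" "$_err" || return 0

  hard_refresh "$_app" "$_ns" >/dev/null || return 2

  # Poll until the condition disappears or the timeout is reached.
  while has_error "$_app" "$_ns" "$_err"; do
    if [ "$_waited" -ge "$_timeout" ]; then
      echo "still failing after ${_timeout}s:" >&2
      app_conditions "$_app" "$_ns" >&2
      return 1
    fi
    sleep "$_interval"
    _waited=$((_waited + _interval))
  done
  return 0
}
```

A return code of 1 means the error survived the hard refresh, so the remaining conditions printed to stderr are the place to look next.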


Shinya Tahara


Solutions Architect @ AWS

I'm a Solutions Architect at AWS, providing technical guidance primarily to financial industry customers. I share learnings about cloud architecture and AI/ML on this site. The views and opinions expressed on this site are my own and do not represent the official positions of my employer.