[Help] Command `create podidentityassociation` doesn't create SA for me

[TreeKat71]

OS: macOS Monterey
eksctl: installed from homebrew, 0.169.0

Recently, the feature EKS Pod Identity was released, and I would like to understand the differences between eksctl create iamserviceaccount -f config.yaml and eksctl create podidentityassociation -f config.yaml. Because it seems inconsistent to me.

---

When I first used the create iamserviceaccount command with the yaml file below, eksctl created both a Service Account (SA) and an AWS Role for me.

iam:
  withOIDC: true    # Enable IRSA(IAM Roles for Service Accounts)
  serviceAccounts:
    - metadata:
        name: aws-load-balancer-controller
        namespace: kube-system
      wellKnownPolicies:
        awsLoadBalancerController: true

However, when I used the create podidentityassociation command with the yaml file below, eksctl only created a pod identity association and an AWS Role, but did not create a Service Account(it doesn't exist). I'm trying to understand if this behavior is expected.

iam:
  podIdentityAssociations:
    - namespace: kube-system
      serviceAccountName: aws-load-balancer-controller
      roleName: eks-aws-load-balancer-controller
      wellKnownPolicies:
        awsLoadBalancerController: true

[github-actions]

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.