Difference between revisions of "ServiceNow Kubernetes discovery"
Jump to navigation
Jump to search
(→EKS) |
(→EKS) |
||
| Line 5: | Line 5: | ||
** AWS IAM role. with policy [[EKSReadOnly]] | ** AWS IAM role. with policy [[EKSReadOnly]] | ||
** <code>[[eksctl create iamidentitymapping]] --cluster yourClusterName --arnarn:aws:iam::yourAccountID:role/yourIAMRoleName --username read-only-user</code> | ** <code>[[eksctl create iamidentitymapping]] --cluster yourClusterName --arnarn:aws:iam::yourAccountID:role/yourIAMRoleName --username read-only-user</code> | ||
| + | |||
| + | * [[Configuring a Kubernetes service account to assume an IAM role]] | ||
2) sn_itom_pattern.k8s_aws_cli_to_generate_token | 2) sn_itom_pattern.k8s_aws_cli_to_generate_token | ||
Revision as of 11:43, 24 October 2023
Contents
EKS
1) K8s service account (kind: ServiceAccount)
- AWS IAM role. with policy EKSReadOnly
eksctl create iamidentitymapping --cluster yourClusterName --arnarn:aws:iam::yourAccountID:role/yourIAMRoleName --username read-only-user
2) sn_itom_pattern.k8s_aws_cli_to_generate_token
- With CLI:
aws eks get-token --cluster-name
3)
- sn_itom_pattern.k8s_midserver
- sn_itom_pattern.k8s_create_schedule_enabled
4) XXX
5) ServiceNow AWS Cloud Discovery: https://docs.servicenow.com/en-US/bundle/vancouver-it-operations-management/page/product/discovery/concept/aws-cloud-discovery.html
K8s
kubectl cluster-infokubectl cluster-info | grep "Kubernetes control plane"
Related
kubectl config viewkubectl cluster-info | grep "Kubernetes control plane"- Enabling IAM principal access to your cluster
kubectl -n kube-system describe secret- Access Kubernetes REST API using default token
- Base64:
kubectl get secret --namespace default grafana -o jsonpath="{.data.admin-password}" | base64 --decode ; echo - IAM Roles for Service Accounts (IRSA) in EKS
See also
Advertising:
