Difference between revisions of "Aws-auth configMap"
Jump to navigation
Jump to search
(9 intermediate revisions by the same user not shown) | |||
Line 9: | Line 9: | ||
== Terraform == | == Terraform == | ||
− | * [[Terraform EKS module]]: <code>[[create_aws_auth_configmap]]</code> | + | * [[Terraform EKS module]]: <code>[[create_aws_auth_configmap]], [[manage_aws_auth_configmap]]</code> |
* [[Terraform resource]]: <code>[[kubernetes_config_map_v1_data]]</code> | * [[Terraform resource]]: <code>[[kubernetes_config_map_v1_data]]</code> | ||
− | |||
== Errors == | == Errors == | ||
Line 17: | Line 16: | ||
* <code>[[Your current user or role does not have access to Kubernetes objects on this EKS cluster]]</code> | * <code>[[Your current user or role does not have access to Kubernetes objects on this EKS cluster]]</code> | ||
* [[Error: Unauthorized]] | * [[Error: Unauthorized]] | ||
+ | |||
+ | == Activities == | ||
+ | * [[Enabling IAM principal access to your cluster]] | ||
== Related == | == Related == | ||
* <code>[[eksct create iamidentitymapping]]</code> | * <code>[[eksct create iamidentitymapping]]</code> | ||
* [[EKS single sign-on using AWS SSO]] | * [[EKS single sign-on using AWS SSO]] | ||
− | * <code>[[aws_auth_roles]]</code> | + | * [[Terraform EKS module]]: <code>[[aws_auth_roles]]</code> |
* [[Amazon EKS authorization]] | * [[Amazon EKS authorization]] | ||
− | * <code>eksctl get iamidentitymapping --cluster your-eks-cluster</code> | + | * <code>[[eksctl get iamidentitymapping]] --cluster your-eks-cluster</code> |
* <code>[[Error: getting auth ConfigMap]]: Unauthorized</code> | * <code>[[Error: getting auth ConfigMap]]: Unauthorized</code> | ||
* <code>[[kind: ClusterRole]]</code> | * <code>[[kind: ClusterRole]]</code> | ||
Line 29: | Line 31: | ||
* <code>[[system:masters]], [[system:serviceaccount:]]</code> | * <code>[[system:masters]], [[system:serviceaccount:]]</code> | ||
* <code>[[kubernetes_config_map]]</code> | * <code>[[kubernetes_config_map]]</code> | ||
+ | * <code>[[kubectl get configmap -n kube-system]]</code> | ||
+ | * <code>[[service-account-controller]]</code> | ||
+ | * <code>[[kubectl get clusterroles]]</code> | ||
+ | * <code>[[cluster_endpoint_public_access]]</code> | ||
== See also == | == See also == | ||
* {{aws-auth}} | * {{aws-auth}} | ||
* {{EKS RBAC}} | * {{EKS RBAC}} | ||
+ | * {{Kubernetes Authentication}} | ||
[[Category:EKS]] | [[Category:EKS]] |
Latest revision as of 08:56, 11 July 2024
AWS IAM Authenticator for Kubernetes get information from aws-auth
ConfigMap.
https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html
Examples[edit]
Terraform[edit]
Errors[edit]
Activities[edit]
Related[edit]
eksct create iamidentitymapping
- EKS single sign-on using AWS SSO
- Terraform EKS module:
aws_auth_roles
- Amazon EKS authorization
eksctl get iamidentitymapping --cluster your-eks-cluster
Error: getting auth ConfigMap: Unauthorized
kind: ClusterRole
HelmRoleArn
andKubernetesRoleArn
system:masters, system:serviceaccount:
kubernetes_config_map
kubectl get configmap -n kube-system
service-account-controller
kubectl get clusterroles
cluster_endpoint_public_access
See also[edit]
- AWS IAM Authenticator for Kubernetes:
aws-auth, kubectl edit -n kube-system configmap/aws-auth, eksctl create iamidentitymapping
,mapUsers:, mapRoles:, mapAccounts:
- EKS RBAC, Amazon EKS authentication, Amazon EKS authorization,
aws eks get-token, aws-auth ConfigMap, aws-iam-authenticator, eksctl create iamidentitymapping, eksctl get iamidentitymapping, eks:AccessKubernetesApi, eks-connector
, K8s Cluster roles,AmazonEKSAdminPolicy
,AmazonEKSClusterAdminPolicy
- Kubernetes Authentication,
kubectl create serviceaccount, kubectl get serviceaccounts, CertificateSigningRequest, aws-auth
, bearer tokens, EKS Authentication
Advertising: