Difference between revisions of "Creating an IAM OIDC provider for your EKS cluster"
(22 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | * https://docs.aws.amazon.com/eks/latest/userguide/ | + | * https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html |
+ | * [[OIDC issuer URL]] | ||
+ | |||
+ | * <code>[[aws iam create-open-id-connect-provider]]</code> | ||
+ | * <code>[[module.eks.oidc_provider]]</code> | ||
+ | |||
+ | |||
+ | cluster_name=YOUR-CLUSTER-NAME && oidc_id=$([[aws eks describe-cluster --name]] $cluster_name --query "[[cluster.identity.oidc.issuer]]" --output text | cut -d '/' -f 5) && echo $oidc_id | ||
+ | |||
+ | List providers: | ||
+ | * <code>[[aws iam list-open-id-connect-providers]] | grep $oidc_id | cut -d "/" -f4</code> | ||
+ | |||
+ | == Related == | ||
* [[Granting access to an IAM principal to view Kubernetes resources on a cluster]] | * [[Granting access to an IAM principal to view Kubernetes resources on a cluster]] | ||
+ | * [[Configuring a Kubernetes service account to assume an IAM role]] | ||
+ | * [[EKS OIDC]] | ||
+ | * [[Dynamic Credentials with the AWS Provider]] | ||
+ | * [[Terraform module: Github-oidc-provider]] | ||
− | * {{EKS}} | + | == See also == |
+ | * {{EKS OIDC}} | ||
* {{OIDC}} | * {{OIDC}} | ||
+ | * {{EKS module}} | ||
+ | |||
+ | [[Category:EKS]] |
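Review bot: In the added one-liner, the `&&` chain before `echo $oidc_id` does not catch a failed `aws eks describe-cluster`. The exit status of `$(... | cut -d '/' -f 5)` is that of `cut`, so an empty `oidc_id` is echoed as if the lookup had worked and is then handed to `grep $oidc_id` under "List providers:". Suggest testing that `oidc_id` is non-empty before the list step and quoting `"$cluster_name"` and `"$oidc_id"`. A smaller style point: the one-liner is the only added command not wrapped in `<code>`, unlike the `aws iam list-open-id-connect-providers` line below it.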
Latest revision as of 11:23, 10 July 2024
cluster_name=YOUR-CLUSTER-NAME && oidc_id=$(aws eks describe-cluster --name "$cluster_name" --query "cluster.identity.oidc.issuer" --output text | cut -d '/' -f 5) && echo "$oidc_id"
List providers:
aws iam list-open-id-connect-providers | grep "$oidc_id" | cut -d "/" -f4
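The two commands above combined into one check, as an added example that is not part of the wiki page: it validates the issuer URL and compares the full issuer path against each provider ARN instead of grepping for the ID. The function names, the account ID and the issuer ID in the demo are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the wiki page. Function names are this example's own.

# Print the issuer without its scheme (the form used in the provider ARN).
# Fails for anything that is not https://<host>/id/<ID>, e.g. "None" or empty.
issuer_path() {
  local issuer="$1"
  case "$issuer" in
    https://*/id/?*) printf '%s\n' "${issuer#https://}" ;;
    *) return 1 ;;
  esac
}

# Read provider ARNs (one per line) on stdin; succeed only if one ends in
# exactly "oidc-provider/<issuer path>". A substring grep would also accept
# an ID that is merely a prefix of another provider's ID.
provider_registered() {
  local want="$1" arn
  while IFS= read -r arn || [ -n "$arn" ]; do
    [ "${arn#*:oidc-provider/}" = "$want" ] && return 0
  done
  return 1
}

# Live check (needs the aws CLI and credentials).
# Returns 0 = provider present, 1 = missing, 2 = lookup failed.
check_cluster() {
  local cluster="$1" issuer path arns
  issuer=$(aws eks describe-cluster --name "$cluster" \
    --query "cluster.identity.oidc.issuer" --output text) || return 2
  path=$(issuer_path "$issuer") || { echo "unexpected issuer: $issuer" >&2; return 2; }
  arns=$(aws iam list-open-id-connect-providers \
    --query "OpenIDConnectProviderList[].Arn" --output text) || return 2
  if printf '%s\n' "$arns" | tr '\t' '\n' | provider_registered "$path"; then
    echo "IAM OIDC provider found for $path"
  else
    echo "no IAM OIDC provider for $path" >&2
    return 1
  fi
}

# Offline demo on constructed values (account ID and issuer ID are made up).
demo() {
  printf '%s\n' \
    'arn:aws:iam::111122223333:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/EXAMPLEA1B2C3' |
    provider_registered "$(issuer_path 'https://oidc.eks.us-east-1.amazonaws.com/id/EXAMPLEA1B2C3')"
}

if [ "$#" -gt 0 ]; then check_cluster "$1"; else demo && echo "demo: match"; fi
```

Run it with a cluster name as the first argument for the live check; with no argument it only runs the offline demo.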
Related
- Configuring a Kubernetes service account to assume an IAM role
- EKS OIDC
- Dynamic Credentials with the AWS Provider
- Terraform module: Github-oidc-provider
See also
- EKS OIDC, eksctl utils associate-iam-oidc-provider, aws iam list-open-id-connect-providers
- OIDC, kubectl oidc-login, AWS IAM OIDC, EKS OIDC, EKS module, aws iam list-open-id-connect-providers | aws iam create-open-id-connect-provider | aws iam get-open-id-connect-provider, OIDC tokens, aws_lb_listener_rule
- Terraform EKS module: manage_aws_auth_configmap, create_aws_auth_configmap, aws_auth_roles, aws_auth_users, aws_auth_accounts, module.eks, Amazon EKS Blueprints for Terraform, OIDC