Difference between revisions of "MapRoles:"

From wikieduonline
Jump to navigation Jump to search
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
{{lc}}
 
{{lc}}
 +
 +
Official example<ref>https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html</ref>:
 +
 +
mapRoles: |
 +
- groups:
 +
  - [[system:bootstrappers]]
 +
  - [[system:nodes]]
 +
  rolearn: arn:aws:iam::111122223333:role/my-node-role
 +
  username: [[system:node]]:<nowiki>{{EC2PrivateDNSName}}</nowiki>
 +
 +
== Examples ==
 
{{MapUsers and mapRoles}}
 
{{MapUsers and mapRoles}}
  
  
  
[[inputs]] = {
+
{{aws_auth_extra_roles_input}}
+
 
aws_auth_extra_roles = <<-[[EOF]]
 
[[mapUsers:]] |
 
  - userarn: arn:aws:iam::XXXXXXXXXXXX:user/your-aws-user
 
    username: your-k8s-new-user-with-master-privileges
 
    groups:
 
      - [[system:masters]]
 
  EOF
 
}
 
  
 
== Related ==
 
== Related ==
 
* <code>[[mapAccounts:]]</code>
 
* <code>[[mapAccounts:]]</code>
 +
* <code>[[Error: reading inline policies for IAM]]</code>
  
 
== See also ==
 
== See also ==

Latest revision as of 15:13, 21 December 2023

Official example[1]:

mapRoles: |
- groups:
  - system:bootstrappers
  - system:nodes
  rolearn: arn:aws:iam::111122223333:role/my-node-role
  username: system:node:{{EC2PrivateDNSName}}

Examples[edit]

mapUsers: |
 - userarn: arn:aws:iam::XXXXXXXXXXXX:user/your-aws-user
   username: your-k8s-new-user-with-master-privileges
   groups:
     - system:masters

mapRoles: |
 - rolearn: arn:aws:iam::XXXXXXXXXXXX:role/your-aws-role
   username: your-new-k8s-user-with-master
   groups:
     - system:masters


inputs = {

aws_auth_extra_roles = <<-EOF
mapUsers: |
 - userarn: arn:aws:iam::XXXXXXXXXXXX:user/your-aws-user
   username: your-k8s-new-user-with-master-privileges
   groups:
     - system:masters
 EOF
}


Related[edit]

See also[edit]

  • https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html
  • Advertising: