Difference between revisions of "Aws-auth configMap"
Jump to navigation
Jump to search
(→Errors) |
|||
Line 17: | Line 17: | ||
* <code>[[Your current user or role does not have access to Kubernetes objects on this EKS cluster]]</code> | * <code>[[Your current user or role does not have access to Kubernetes objects on this EKS cluster]]</code> | ||
* [[Error: Unauthorized]] | * [[Error: Unauthorized]] | ||
+ | |||
+ | == Activities == | ||
+ | * [[Enabling IAM principal access to your cluster]] | ||
== Related == | == Related == |
Revision as of 17:13, 12 September 2023
AWS IAM Authenticator for Kubernetes get information from aws-auth
ConfigMap.
https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html
Examples
kubectl edit -n kube-system configmap/aws-auth
kubectl describe -n kube-system configmap/aws-auth
kubectl -n kube-system get configmap aws-auth -o=yaml
Terraform
- Terraform EKS module:
create_aws_auth_configmap
- Terraform resource:
kubernetes_config_map_v1_data
manage_aws_auth_configmap
Errors
The SSO session associated with this profile has expired or is otherwise invalid. To refresh this SSO session run aws sso login with the corresponding profile.
Your current user or role does not have access to Kubernetes objects on this EKS cluster
- Error: Unauthorized
Activities
Related
eksct create iamidentitymapping
- EKS single sign-on using AWS SSO
- Terraform EKS module:
aws_auth_roles
- Amazon EKS authorization
eksctl get iamidentitymapping --cluster your-eks-cluster
Error: getting auth ConfigMap: Unauthorized
kind: ClusterRole
HelmRoleArn
andKubernetesRoleArn
system:masters, system:serviceaccount:
kubernetes_config_map
See also
- AWS IAM Authenticator for Kubernetes:
aws-auth, kubectl edit -n kube-system configmap/aws-auth, eksctl create iamidentitymapping
,mapUsers:, mapRoles:, mapAccounts:
- EKS RBAC, Amazon EKS authentication, Amazon EKS authorization,
aws eks get-token, aws-auth ConfigMap, aws-iam-authenticator, eksctl create iamidentitymapping, eksctl get iamidentitymapping, eks:AccessKubernetesApi, eks-connector
, K8s Cluster roles,AmazonEKSAdminPolicy
,AmazonEKSClusterAdminPolicy
Advertising: