Difference between revisions of "Enabling IAM principal access to your cluster"
Jump to navigation
Jump to search
Line 10: | Line 10: | ||
== Related == | == Related == | ||
− | * [[K8s Cluster roles]]: cluster-admin, admin, edit, view]] | + | * [[K8s Cluster roles]]: [[cluster-admin]], [[admin]], [[edit]], [[view]] |
* [[AWS IAM Authenticator for Kubernetes]] configured in [[aws-auth ConfigMap]] | * [[AWS IAM Authenticator for Kubernetes]] configured in [[aws-auth ConfigMap]] | ||
* [[kubectl get roles -A]] | * [[kubectl get roles -A]] |
Revision as of 17:35, 12 September 2023
system:masters
kubectl describe -n kube-system configmap/aws-auth
Related
- K8s Cluster roles: cluster-admin, admin, edit, view
- AWS IAM Authenticator for Kubernetes configured in aws-auth ConfigMap
- kubectl get roles -A
- kubectl get clusterroles
- kubectl get rolebindings -A
- kubectl describe role your-role-name -n kube-system
See also
- AWS IAM Authenticator for Kubernetes:
aws-iam-authenticator
: [token | verify | add | init | server | version | --help
],configmap/aws-auth
,AmazonEKSAdminPolicy
,AmazonEKSClusterAdminPolicy
- AWS IAM Authenticator for Kubernetes:
aws-auth, kubectl edit -n kube-system configmap/aws-auth, eksctl create iamidentitymapping
,mapUsers:, mapRoles:, mapAccounts:
- Kubernetes RBAC
kubectl auth, kubectl auth can-i, kubectl auth reconcile
kubectl create [ role | clusterrole | clusterrolebinding
|rolebinding | serviceaccount ], groups:
, Kubernetes RBAC good practices,kube2iam
, K8s Cluster roles,rbac.authorization.k8s.io
,system:
Advertising: