Difference between revisions of "Enabling IAM principal access to your cluster"
Jump to navigation
Jump to search
| Line 12: | Line 12: | ||
== Related == | == Related == | ||
| − | * [[aws-iam-authenticator add]] | + | * <code>[[aws-iam-authenticator add]]</code> |
* [[K8s Cluster roles]]: <code>[[cluster-admin]], [[admin]], [[edit]], [[Kubernetes view role|view]]</code> | * [[K8s Cluster roles]]: <code>[[cluster-admin]], [[admin]], [[edit]], [[Kubernetes view role|view]]</code> | ||
* [[AWS IAM Authenticator for Kubernetes]] configured in [[aws-auth ConfigMap]] | * [[AWS IAM Authenticator for Kubernetes]] configured in [[aws-auth ConfigMap]] | ||
* <code>[[kubectl get roles -A]]</code> | * <code>[[kubectl get roles -A]]</code> | ||
| − | * [[kubectl get clusterroles]] | + | * <code>[[kubectl get clusterroles]]</code> |
| − | * [[kubectl get rolebindings -A]] | + | * <code>[[kubectl get rolebindings -A]]</code> |
| − | * [[kubectl describe role]] your-role-name -n kube-system | + | * <code>[[kubectl describe role]] your-role-name -n kube-system</code> |
* [[AWS IAM principal]] | * [[AWS IAM principal]] | ||
* <code>[[kubectl get clusterroles]]</code> | * <code>[[kubectl get clusterroles]]</code> | ||
Revision as of 12:10, 4 October 2023
system:masters
kubectl describe -n kube-system configmap/aws-auth
Activities
Related
aws-iam-authenticator add- K8s Cluster roles:
cluster-admin, admin, edit, view - AWS IAM Authenticator for Kubernetes configured in aws-auth ConfigMap
kubectl get roles -Akubectl get clusterroleskubectl get rolebindings -Akubectl describe role your-role-name -n kube-system- AWS IAM principal
kubectl get clusterroles- ServiceNow Kubernetes discovery
See also
system:, system:masters, system:controller:, system:anonymous, system:serviceaccount:, system:serviceaccounts:, system:bootstrappers, system:node, system:nodes,kubectl get clusterroles- AWS IAM Authenticator for Kubernetes:
aws-iam-authenticator: [token | verify | add | init | server | version | --help],configmap/aws-auth,AmazonEKSAdminPolicy,AmazonEKSClusterAdminPolicy - AWS IAM Authenticator for Kubernetes:
aws-auth, kubectl edit -n kube-system configmap/aws-auth, eksctl create iamidentitymapping,mapUsers:, mapRoles:, mapAccounts: - Kubernetes RBAC
kubectl auth, kubectl auth can-i, kubectl auth reconcilekubectl create [ role | clusterrole | clusterrolebinding|rolebinding | serviceaccount ], groups:, Kubernetes RBAC good practices,kube2iam, K8s Cluster roles,rbac.authorization.k8s.io,system:
Advertising:
