Difference between revisions of "Aws-auth configMap"
Jump to navigation
Jump to search
Line 18: | Line 18: | ||
* <code>[[Error: getting auth ConfigMap]]: Unauthorized</code> | * <code>[[Error: getting auth ConfigMap]]: Unauthorized</code> | ||
* <code>[[kind: ClusterRole]]</code> | * <code>[[kind: ClusterRole]]</code> | ||
− | |||
* <code>[[HelmRoleArn]]</code> and <code>[[KubernetesRoleArn]]</code> | * <code>[[HelmRoleArn]]</code> and <code>[[KubernetesRoleArn]]</code> | ||
* <code>[[system:masters]], [[system:serviceaccount:]]</code> | * <code>[[system:masters]], [[system:serviceaccount:]]</code> |
Revision as of 16:36, 1 March 2023
AWS IAM Authenticator for Kubernetes get information from aws-auth
ConfigMap.
https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html
Examples
kubectl edit -n kube-system configmap/aws-auth
kubectl describe -n kube-system configmap/aws-auth
kubectl -n kube-system get configmap aws-auth -o=yaml
Related
eksct create iamidentitymapping
Your current user or role does not have access to Kubernetes objects on this EKS cluster
- EKS single sign-on using AWS SSO
The SSO session associated with this profile has expired or is otherwise invalid. To refresh this SSO session run aws sso login with the corresponding profile.
aws_auth_roles
- Amazon EKS authorization
eksctl get iamidentitymapping --cluster your-eks-cluster
Error: getting auth ConfigMap: Unauthorized
kind: ClusterRole
HelmRoleArn
andKubernetesRoleArn
system:masters, system:serviceaccount:
See also
- AWS IAM Authenticator for Kubernetes:
aws-auth, kubectl edit -n kube-system configmap/aws-auth, eksctl create iamidentitymapping
,mapUsers:, mapRoles:, mapAccounts:
- EKS RBAC, Amazon EKS authentication, Amazon EKS authorization,
aws eks get-token, aws-auth ConfigMap, aws-iam-authenticator, eksctl create iamidentitymapping, eksctl get iamidentitymapping, eks:AccessKubernetesApi, eks-connector
, K8s Cluster roles,AmazonEKSAdminPolicy
,AmazonEKSClusterAdminPolicy
Advertising: