Difference between revisions of "Enabling IAM principal access to your cluster"

• https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html

system:masters

kubectl describe -n kube-system configmap/aws-auth

Activities

• Granting access to an IAM principal to view Kubernetes resources on a cluster

Related

• aws-iam-authenticator add
• K8s Cluster roles: cluster-admin, admin, edit, view
• AWS IAM Authenticator for Kubernetes configured in aws-auth ConfigMap
• kubectl get roles -A
• kubectl get clusterroles
• kubectl get rolebindings -A
• kubectl describe role your-role-name -n kube-system
• AWS IAM principal
• kubectl get clusterroles

See also

• system:, system:masters, system:controller:, system:anonymous, system:serviceaccount:, system:serviceaccounts:, system:bootstrappers, system:node, system:nodes, kubectl get clusterroles
• AWS IAM Authenticator for Kubernetes: aws-iam-authenticator: [token | verify | add | init | server | version | --help], configmap/aws-auth, AmazonEKSAdminPolicy, AmazonEKSClusterAdminPolicy
• AWS IAM Authenticator for Kubernetes: aws-auth, kubectl edit -n kube-system configmap/aws-auth, eksctl create iamidentitymapping, mapUsers:, mapRoles:, mapAccounts:
• Kubernetes RBAC kubectl auth, kubectl auth can-i, kubectl auth reconcile kubectl create [ role | clusterrole | clusterrolebinding | rolebinding | serviceaccount ], groups:, Kubernetes RBAC good practices, kube2iam, K8s Cluster roles, rbac.authorization.k8s.io, system: