Difference between revisions of "MapUsers:"
Jump to navigation
Jump to search
| Line 11: | Line 11: | ||
groups: | groups: | ||
- [[system:masters]] | - [[system:masters]] | ||
| − | - userarn: arn:aws:iam::555555555555:user/your-user-2 | + | - userarn: arn:aws:iam::555555555555:[[user/]]your-user-2 |
username: your-user-2 | username: your-user-2 | ||
groups: | groups: | ||
Revision as of 16:34, 24 October 2023
mapUsers: | - userarn: arn:aws:iam::XXXXXXXXXXXX:user/your-aws-user username: your-k8s-new-user-with-master-privileges groups: - system:masters mapRoles: | - rolearn: arn:aws:iam::XXXXXXXXXXXX:role/your-aws-role username: your-new-k8s-user-with-master groups: - system:masters
Examples
Multiple user example
mapUsers: |
- userarn: arn:aws:iam::555555555555:user/your-user-1
username: your-user-1
groups:
- system:masters
- userarn: arn:aws:iam::555555555555:user/your-user-2
username: your-user-2
groups:
- system:masters
mapUsers: |
- userarn: arn:aws:iam::123456789:user/read-only-access-eks
username: read-only-access-eks
groups:
- view
Related
kubectl edit -n kube-system configmap/aws-auth- Kubernetes API
- Enabling IAM principal access to your cluster
See also
- AWS IAM Authenticator for Kubernetes:
aws-auth, kubectl edit -n kube-system configmap/aws-auth, eksctl create iamidentitymapping,mapUsers:, mapRoles:, mapAccounts: - Kubernetes RBAC
kubectl auth, kubectl auth can-i, kubectl auth reconcilekubectl create [ role | clusterrole | clusterrolebinding|rolebinding | serviceaccount ], groups:, Kubernetes RBAC good practices,kube2iam, K8s Cluster roles,rbac.authorization.k8s.io,system:
Advertising:
