Difference between revisions of "MapRoles:"
Jump to navigation
Jump to search
↑ https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html
| Line 3: | Line 3: | ||
Official example<ref>https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html</ref>: | Official example<ref>https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html</ref>: | ||
| + | mapRoles: | | ||
- groups: | - groups: | ||
- [[system:bootstrappers]] | - [[system:bootstrappers]] | ||
Revision as of 14:52, 21 December 2023
Official example[1]:
mapRoles: | - groups: - system:bootstrappers - system:nodes rolearn: arn:aws:iam::111122223333:role/my-node-role username: system:node:Template:EC2PrivateDNSName
mapUsers: | - userarn: arn:aws:iam::XXXXXXXXXXXX:user/your-aws-user username: your-k8s-new-user-with-master-privileges groups: - system:masters mapRoles: | - rolearn: arn:aws:iam::XXXXXXXXXXXX:role/your-aws-role username: your-new-k8s-user-with-master groups: - system:masters
inputs = { aws_auth_extra_roles = <<-EOF mapUsers: | - userarn: arn:aws:iam::XXXXXXXXXXXX:user/your-aws-user username: your-k8s-new-user-with-master-privileges groups: - system:masters EOF }
Related
See also
mapUsers:, mapRoles:, mapAccounts:- AWS IAM Authenticator for Kubernetes:
aws-auth, kubectl edit -n kube-system configmap/aws-auth, eksctl create iamidentitymapping,mapUsers:, mapRoles:, mapAccounts:
Advertising:
