Difference between revisions of "Aws-auth configMap"
Jump to navigation
Jump to search
Line 32: | Line 32: | ||
* <code>[[kubernetes_config_map]]</code> | * <code>[[kubernetes_config_map]]</code> | ||
* <code>[[kubectl get configmap -n kube-system]]</code> | * <code>[[kubectl get configmap -n kube-system]]</code> | ||
− | * [[service-account-controller]] | + | * <code>[[service-account-controller]]</code> |
− | * [[kubectl get clusterroles]] | + | * <code>[[kubectl get clusterroles]]</code> |
* <code>[[cluster_endpoint_public_access]]</code> | * <code>[[cluster_endpoint_public_access]]</code> | ||
Latest revision as of 08:56, 11 July 2024
AWS IAM Authenticator for Kubernetes get information from aws-auth
ConfigMap.
https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html
Examples[edit]
kubectl edit -n kube-system configmap/aws-auth
kubectl describe -n kube-system configmap/aws-auth
kubectl -n kube-system get configmap aws-auth -o=yaml
Terraform[edit]
- Terraform EKS module:
create_aws_auth_configmap, manage_aws_auth_configmap
- Terraform resource:
kubernetes_config_map_v1_data
Errors[edit]
The SSO session associated with this profile has expired or is otherwise invalid. To refresh this SSO session run aws sso login with the corresponding profile.
Your current user or role does not have access to Kubernetes objects on this EKS cluster
- Error: Unauthorized
Activities[edit]
Related[edit]
eksct create iamidentitymapping
- EKS single sign-on using AWS SSO
- Terraform EKS module:
aws_auth_roles
- Amazon EKS authorization
eksctl get iamidentitymapping --cluster your-eks-cluster
Error: getting auth ConfigMap: Unauthorized
kind: ClusterRole
HelmRoleArn
andKubernetesRoleArn
system:masters, system:serviceaccount:
kubernetes_config_map
kubectl get configmap -n kube-system
service-account-controller
kubectl get clusterroles
cluster_endpoint_public_access
See also[edit]
- AWS IAM Authenticator for Kubernetes:
aws-auth, kubectl edit -n kube-system configmap/aws-auth, eksctl create iamidentitymapping
,mapUsers:, mapRoles:, mapAccounts:
- EKS RBAC, Amazon EKS authentication, Amazon EKS authorization,
aws eks get-token, aws-auth ConfigMap, aws-iam-authenticator, eksctl create iamidentitymapping, eksctl get iamidentitymapping, eks:AccessKubernetesApi, eks-connector
, K8s Cluster roles,AmazonEKSAdminPolicy
,AmazonEKSClusterAdminPolicy
- Kubernetes Authentication,
kubectl create serviceaccount, kubectl get serviceaccounts, CertificateSigningRequest, aws-auth
, bearer tokens, EKS Authentication
Advertising: