Creating an IAM OIDC provider for your EKS cluster

• https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html

• OIDC issuer URL

• aws iam create-open-id-connect-provider
• module.eks.oidc_provider

cluster_name=YOUR-CLUSTER-NAME && oidc_id=$(aws eks describe-cluster --name $cluster_name --query "cluster.identity.oidc.issuer" --output text | cut -d '/' -f 5) && echo $oidc_id

List providers:

• aws iam list-open-id-connect-providers | grep $oidc_id | cut -d "/" -f4

Related[edit]

• Granting access to an IAM principal to view Kubernetes resources on a cluster

• Configuring a Kubernetes service account to assume an IAM role
• EKS OIDC
• Dynamic Credentials with the AWS Provider
• Terraform module: Github-oidc-provider

See also[edit]

• EKS OIDC, eksctl utils associate-iam-oidc-provider, aws iam list-open-id-connect-providers
• OIDC, kubectl oidc-login, AWS IAM OIDC, EKS OIDC, EKS module, aws iam list-open-id-connect-providers | aws iam create-open-id-connect-provider | aws iam get-open-id-connect-provider, OIDC tokens, aws_lb_listener_rule
• Terraform EKS module: manage_aws_auth_configmap, create_aws_auth_configmap, aws_auth_roles, aws_auth_users, aws_auth_accounts, module.eks, Amazon EKS Blueprints for Terraform, OIDC