TOI: EKS cluster discovery using STS AssumeRoles (Without AWS CLI)
Jump to navigation
Jump to search
↑ https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1182188
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1182188
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: cluster-read-only-role [1] rules: - apiGroups: ["*"] resources: ["*"] verbs: ["get","watch","list"] - nonResourceURLs: - /metrics verbs: - get
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: cluster-read-only-role-binding subjects: - kind: User name: discovery-read-only-user apiGroup: rbac.authorization.k8s.io roleRef: kind: ClusterRole name: cluster-read-only-role apiGroup: rbac.authorization.k8s.io
aws-auth eksctl create iamidentitymapping --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns
sn_itom_pattern.k8s_aws_cli_to_generate_token
Related[edit]
See also[edit]
- ServiceNow:
snc
, ServiceNow Kubernetes discovery, ServiceNow CMDB, ServiceNow ITOM, MID Server, ServiceNow Cloud Observability - Kubernetes users, Kubernetes groups, Kubernetes roles, Kubernetes service accounts
Advertising: