...
Cloudaware support the following options of configuration access to EKS:
| Table of Contents |
|---|
Full Access
1. Ensure that the AWS credentials that kubectl is using are already authorized for your cluster (the IAM user that created the cluster has required permissions by default). 1.1. Open the aws-auth ConfigMap:
| Code Block |
|---|
kubectl edit -n kube-system configmap/aws-auth |
1 2. 2 Add CloudAware IAM role to the ConfigMap.
a 2.1. To locate CloudAware IAM role ARN, log in to your Cloudaware account → Admin (under your username in the upper right corner) → Amazon accounts → locate AWS account where the access to EKS should be granted → click SEE ALL in column 'Connected Identities':
...
b 2.2. To add an IAM role: add the role details to the mapRoles section of the ConfigMap under data. Use the section below if it is not present in the file:
...
CLOUDAWARE_ROLE_ARN in rolearn- is a placeholder that needs to be replaced by your Cluster Role ARN.rolearn - the ARN of the IAM role to be added (CLOUDAWARE_ROLE_ARN is a placeholder that needs to be replaced by your Cluster Role ARN).
username - the username within Kubernetes to be mapped to the IAM role (doesn't require changes).
groups - a list of groups within Kubernetes where the role is mapped to (doesn't require changes). Check Default Roles and Role Bindings for more information.
...