EKS Add User VS. Role
Anton Putra
December 25, 2020

In this video, we will explore options to add users and roles to the EKS cluster.

  • Add an IAM user with read-only access to the EKS cluster
  • Add an IAM role with root access and have an IAM user assume that role

Add an IAM user with read-only access to the EKS cluster

  • Create rbac.yaml
  • Create RBAC
  • Create AmazonEKSDeveloperPolicy policy to let users view nodes and workloads for all clusters in the AWS Management Console
  • Create eks-developer IAM group and attach AmazonEKSDeveloperPolicy policy

  • Create developer user

  • Add developer profile: aws configure --profile developer

  • Add the developer user ARN to the aws-auth ConfigMap

  • Configure kubectl context for developer user
  • Check kubeconfig
  • Check permissions

Create an IAM role with admin/root access and have an IAM user assume it

  • Create AmazonEKSAdminPolicy policy
  • Create eks-admin role and attach AmazonEKSAdminPolicy policy

  • Describe eks-admin role

  • Create AmazonEKSAssumePolicy policy that allows assuming the role
  • Create manager user to use eks-admin role

  • Add manager profile: aws configure --profile manager

  • Check if manager user can assume eks-admin role

  • Update kubeconfig for the user that created EKS cluster
  • Add the eks-admin role ARN to the aws-auth ConfigMap
  • Create eks-admin profile to assume the role: vim ~/.aws/config
  • Configure kubectl context for manager user to automatically assume eks-admin role
  • Check kubeconfig
  • Check if manager has admin access to EKS cluster
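
The two aws-auth steps above (the developer user ARN and the eks-admin role ARN), shown together with a read-only RBAC binding in one manifest. This is an added example, not the rbac.yaml or ConfigMap from the original post; the reader ClusterRole and group name, the resource list and the account ID 111122223333 are assumptions.

```yaml
# Added example. "reader" and account ID 111122223333 are placeholders.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: reader
rules:
  - apiGroups: ["", "apps", "batch"]
    # Secrets are deliberately left out of the read-only role.
    resources: ["nodes", "namespaces", "pods", "services", "deployments",
                "daemonsets", "statefulsets", "replicasets", "jobs", "cronjobs"]
    verbs: ["get", "list", "watch"]   # no create/update/delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: reader
subjects:
  - kind: Group
    name: reader                      # must match "groups" in mapUsers below
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: reader
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: aws-auth
  namespace: kube-system
data:
  # Keep the entries already present in mapRoles (the node instance role);
  # removing them cuts the worker nodes off from the cluster.
  mapRoles: |
    - rolearn: arn:aws:iam::111122223333:role/eks-admin
      username: eks-admin
      groups:
        - system:masters              # full cluster admin
  mapUsers: |
    - userarn: arn:aws:iam::111122223333:user/developer
      username: developer
      groups:
        - reader                      # read-only via the binding above
```

system:masters is not constrained by RBAC rules, so the manager user reaches it only through temporary credentials from assuming eks-admin, while the developer user's long-lived keys map to the read-only group.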

Clean Up

  • Delete roles

    • eks-admin
  • Delete policies

    • AmazonEKSDeveloperPolicy
    • AmazonEKSAssumePolicy
    • AmazonEKSAdminPolicy
  • Delete IAM groups

    • eks-admin
    • eks-developer
  • Delete users

    • manager
    • devops
    • developer
  • Clean up ~/.aws/config and ~/.aws/credentials

  • Clean up

