AWS EKS In Practice 02
EKS pods access AWS resources
[!info] You can find more detail on this topic in the official AWS
documentation, IAM roles for service accounts (IRSA),
and in the eksctl documentation, IAM Roles for Service Accounts.
New Service Account
You can use the following command to create a service account
and attach the specified policy to it. Assign that service account to a pod, and the pod can then access AWS resources.
eksctl create iamserviceaccount --cluster=<clusterName> --name=<serviceAccountName> --namespace=<serviceAccountNamespace> --attach-policy-arn=<policyARN>
Existing Service Account
If you want a pod that uses an existing service account
to access AWS resources, add the following annotation to the service account:
eks.amazonaws.com/role-arn={iam-role-arn}
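For the existing service account path, the annotation only takes effect if the IAM role's trust policy allows that service account to assume the role through the cluster's OIDC provider. The Python below is an added example, not code from the original post: it builds a trust policy scoped to a single service account and audits a policy for trust that is broader than that. The account ID, issuer URL, namespace, service account name and finding labels are constructed assumptions.

```python
import json

def irsa_trust_policy(account_id, oidc_issuer, namespace, service_account):
    """Trust policy that lets exactly one service account assume the role."""
    issuer = oidc_issuer.removeprefix("https://")  # condition keys omit the scheme
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": f"arn:aws:iam::{account_id}:oidc-provider/{issuer}"},
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": {"StringEquals": {
                f"{issuer}:sub": f"system:serviceaccount:{namespace}:{service_account}",
                f"{issuer}:aud": "sts.amazonaws.com",
            }},
        }],
    }

def _as_list(value):
    return [value] if isinstance(value, str) else list(value or [])

def _claims(block):
    # Condition keys look like "<issuer>:sub"; index them by claim name.
    return {key.rsplit(":", 1)[-1]: _as_list(val) for key, val in block.items()}

def audit_trust_policy(policy):
    """Return finding labels (hypothetical names) for web-identity statements."""
    findings = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRoleWithWebIdentity" not in _as_list(stmt.get("Action")):
            continue
        cond = stmt.get("Condition", {})
        exact = _claims(cond.get("StringEquals", {}))
        like = _claims(cond.get("StringLike", {}))
        if "sub" not in exact and "sub" not in like:
            findings.append("missing-sub")    # any service account in the cluster qualifies
        elif "sub" not in exact and any("*" in s or "?" in s for s in like["sub"]):
            findings.append("wildcard-sub")   # trust spans several service accounts
        if exact.get("aud") != ["sts.amazonaws.com"]:
            findings.append("missing-aud")    # token audience is not pinned to STS
    return findings

if __name__ == "__main__":
    # Constructed sample values, not taken from a real account or cluster.
    policy = irsa_trust_policy("111122223333",
        "https://oidc.eks.us-east-1.amazonaws.com/id/EXAMPLE", "default", "s3-reader")
    print(json.dumps(policy, indent=2))
    print(audit_trust_policy(policy))
```

An empty list from `audit_trust_policy` means every web-identity statement pins both the `sub` and `aud` claims with exact matches.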
https://blog.ivyxjc.com/posts/aws-eks-practice-02/