An Amazon EKS cluster IAM role is required for each cluster. Kubernetes clusters managed by Amazon EKS use this role to manage nodes, and the legacy Cloud Provider uses this role to create load balancers with Elastic Load Balancing for services.
Creating the Amazon EKS cluster role:
You can use the AWS Management Console or the AWS CLI to create the cluster role.
AWS Management Console
a) Open the IAM console at https://console.aws.amazon.com/iam/.
b) Choose Roles, then Create role.
c) Under Trusted entity type, select AWS service.
d) From the Use cases for other AWS services dropdown list, choose EKS.
e) Choose EKS - Cluster for your use case, and then choose Next.
f) On the Add permissions tab, choose Next.
g) For Role name, enter a unique name for your role, such as eksClusterRole.
h) For Description, enter descriptive text such as Amazon EKS - Cluster role.
i) Choose Create role.
AWS CLI
a) Copy the following contents to a file named EKS-loadbalancer-policy.json.
Set up an IAM service account in an EKS cluster so that the AWS Load Balancer Controller can manage AWS Load Balancers on behalf of the Kubernetes cluster. This setup:
Creates a Kubernetes ServiceAccount named aws-load-balancer-controller.
Associates it with an IAM Role (AmazonEKSLoadBalancerControllerRole).
Attaches the AWSLoadBalancerControllerIAMPolicy.
Allows Kubernetes to use AWS IAM for authentication.
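Because the association above lets a Kubernetes ServiceAccount assume an IAM role, it is worth checking that the role's trust policy is pinned to exactly that ServiceAccount. The following is an added example, not code from the original post or from AWS: the kube-system namespace, the account ID, the OIDC provider ID and the function names are assumptions, and the policy documents are constructed samples.

```python
# Constructed sample data: the account ID, OIDC provider ID and the
# kube-system namespace are assumptions, not values from the page.
OIDC = "oidc.eks.us-east-1.amazonaws.com/id/EXAMPLEOIDCID"
EXPECTED_SUB = "system:serviceaccount:kube-system:aws-load-balancer-controller"

def make_trust_policy(condition):
    """Build a sample trust policy for AmazonEKSLoadBalancerControllerRole."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": f"arn:aws:iam::111122223333:oidc-provider/{OIDC}"},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": condition}]}

SCOPED = make_trust_policy({"StringEquals": {
    f"{OIDC}:sub": EXPECTED_SUB, f"{OIDC}:aud": "sts.amazonaws.com"}})
# Weak: no subject condition, so any ServiceAccount in the cluster qualifies.
NO_SUB = make_trust_policy({"StringEquals": {f"{OIDC}:aud": "sts.amazonaws.com"}})
# Weak: wildcard subject matches every ServiceAccount in the namespace.
WILDCARD = make_trust_policy({"StringLike": {
    f"{OIDC}:sub": "system:serviceaccount:kube-system:*"}})

def _as_list(value):
    return [value] if isinstance(value, (str, dict)) else list(value)

def audit_trust_policy(policy, expected_sub=EXPECTED_SUB):
    """Return findings; an empty list means the role can only be assumed
    by the one expected ServiceAccount through the cluster's OIDC provider."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        actions = _as_list(stmt.get("Action", []))
        if stmt.get("Effect") != "Allow" or "sts:AssumeRoleWithWebIdentity" not in actions:
            continue
        principal = stmt.get("Principal", {})
        federated = _as_list(principal.get("Federated", [])) if isinstance(principal, dict) else []
        if not federated:
            findings.append("no federated OIDC principal")
        exact = stmt.get("Condition", {}).get("StringEquals", {})
        for arn in federated:
            issuer = arn.split(":oidc-provider/", 1)[-1]  # condition key prefix
            sub = exact.get(f"{issuer}:sub")
            if sub is None:
                findings.append("sub not pinned with StringEquals")
            elif sub != expected_sub:
                findings.append(f"sub is {sub!r}, expected {expected_sub!r}")
            if exact.get(f"{issuer}:aud") != "sts.amazonaws.com":
                findings.append("aud not pinned to sts.amazonaws.com")
    return findings

if __name__ == "__main__":
    for name, doc in [("SCOPED", SCOPED), ("NO_SUB", NO_SUB), ("WILDCARD", WILDCARD)]:
        print(name, audit_trust_policy(doc) or "OK")
```

To audit a real role, pass the AssumeRolePolicyDocument returned by aws iam get-role (parsed from JSON) to audit_trust_policy.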