Use eksctl when creating the IAM role and trust relationship #818
Conversation
|
I'm not sure if we should remove the current documentation, because not everyone uses Maybe you can add it using <details>
<summary>Create IAM role with trust relationship using `eksctl`...</summary>
<p>
method one desc..
</p>
<details>
<summary>Create IAM role with trust relationship using `aws` cli...</summary>
<p>
method two desc..
</p>
</details> Create IAM role with trust relationship using `eksctl`...
eksctl create iamserviceaccount --cluster <cluster-name> --region <region> --name="$SERVICE_ACCOUNT_NAME" --namespace="$SERVICE_ACCOUNT_NAMESPACE" --role-name="$IAM_ROLE_NAME" --role-only --attach-policy-arn="arn:aws:iam::aws:policy/AdministratorAccess" --approve |
AUTHENTICATION.md
Outdated
| Create IAM role with trust relationship: | ||
|
|
||
| ``` | ||
| eksctl create iamserviceaccount --cluster <cluster-name> --region <region> --name="$SERVICE_ACCOUNT_NAME" --namespace="$SERVICE_ACCOUNT_NAMESPACE" --role-name="$IAM_ROLE_NAME" --role-only --attach-policy-arn="arn:aws:iam::aws:policy/AdministratorAccess" --approve |
There was a problem hiding this comment.
some of the variables use the <variable-name> syntax, and others use $VARIABLE_NAME. For consistency, I recommend choosing one or the other.
There was a problem hiding this comment.
Yeah... In some parts of the documentation it is being used <cluster-name> or <region> and somewhere else ${SERVICE_ACCOUNT_NAMESPACE}.
I would prefer to use bash variable like ${CLUSTER_NAME} everywhere if you agree...?
Signed-off-by: Petr Ruzicka <petr.ruzicka@gmail.com>
|
@ruzickap looks good, I see you did some final touches, now even |
|
Sure... Go ahead... |
…ns-setup-go-digest Update actions/setup-go digest to 93397be
Description of your changes
Simplify using IRSA by using
eksctlfor creating IAM role and IAM role trust relationship.