/
40-access-entries.yaml
39 lines (35 loc) · 1.28 KB
/
40-access-entries.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# An example of cluster config that uses access entries for cluster access management.
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: access-entries-cluster
region: us-west-2
version: '1.29'
nodeGroups:
- name: ng
instanceType: m5d.large
accessConfig:
bootstrapClusterCreatorAdminPermissions: false # default is true
authenticationMode: API
accessEntries:
- principalARN: arn:aws:iam::111122223333:user/my-user-name
type: STANDARD # optional Type
kubernetesGroups: # optional Kubernetes groups
- group1 # groups can used to give permissions via RBAC
- group2
- principalARN: arn:aws:iam::111122223333:role/role-name-1
accessPolicies: # optional access polices
- policyARN: arn:aws:eks::aws:cluster-access-policy/AmazonEKSViewPolicy
accessScope:
type: namespace
namespaces:
- default
- my-namespace
- dev-*
- principalARN: arn:aws:iam::111122223333:role/admin-role
accessPolicies: # optional access polices
- policyARN: arn:aws:eks::aws:cluster-access-policy/AmazonEKSClusterAdminPolicy
accessScope:
type: cluster
- principalARN: arn:aws:iam::111122223333:role/role-name-2
type: EC2_LINUX