How to integrate IAM role to AWS EKS & give “Admin” permission in RBAC
As part of the CI/CD we need to deploy into AWS EKS cluster. I am showcasw the work I did.
In the jenkins master server. I did the belwo installations.
a. AWS cli
b. kubectl
Next step: I will go to AWS console, create on IAM role , named as eks-auth, with IAM policy of “EKS cluster policy”
* later I will attach to Jenkins master EC2 instance.
*
I will ask , EKS admin, who crerated that cluster, run the below commands
Note: the below content is available in this link
https://www.eksworkshop.com/intermediate/220_codepipeline/configmap/
ROLE=” — rolearn: arn:aws:iam::${ACCOUNT_ID}:role/EksWorkshopCodeBuildKubectlRole\n username: build\n groups:\n — system:masters”
kubectl get -n kube-system configmap/aws-auth -o yaml | awk “/mapRoles: \|/{print;print \”$ROLE\”;next}1" > /tmp/aws-auth-patch.yml
kubectl patch configmap/aws-auth -n kube-system — patch “$(cat /tmp/aws-auth-patch.yml)”
- note: read content the above link, do according
later I will ask EKS amdin, give “kubeconfig file” He will provide that.
Later I will update that content at jenkins master.
a. I will ssh into jenkins mastet
b. jenkins master, cd /var/lib/jenkins/
c. in that directory , create .kube direcotry , for that linxu command “ mkdir .kube
d. cd .kube
e. vi config
f. in that file paste the kubeconfig file got from EKS administrator.
laster run kubectl get nodes.
Then it need to give output.
if output give then EKS master is authenticated