EKS Service Account Annotation
I have a service account, and this needs access to multiple aws services. Is there any way we could specify multiple role an annotations, or do we expect to create a generic role and give access to all the required services?
The below not supported?
ChatGPT says,
apiVersion: v1
kind: ServiceAccount
metadata:
name: my-service-account
annotations:
eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/my-role-1
eks.amazonaws.com/role-arn: arn:aws:iam::111111111111:role/my-role-2Solution
yes its not supported like what you shown.
example supported:
apiVersion: v1
kind: ServiceAccount
metadata:
annotations:
eks.amazonaws.com/role-arn: arn:aws:iam::123456789012:role/xxxx
your options is to use 1 iam role arn like above, with multiple IAM policy attached. I don't think its hard to add multiple policy to a role.
- How much CPU and RAM is necessary for master and worker nodes for a microservices deployment with MongoDB as database?
- otel-collector to scrap multiple pods
- Docker image running in k8s which needs gcloud auth credentials
- Helm go sdk install chart from external location
- kubernetes to print specific columns
- Python 3 relative imports behave differently between local run and on k8s
- Unable to create secret in kubernetes: "Secret is invalid: data[.dockerconfigjson]: Invalid value: "<secret contents redacted>": invalid character 'e'
- Kubernetes Ingress to External Service?
- Kubernetes: expired certificate
- 0/1 nodes are available: 1 pod has unbound immediate PersistentVolumeClaims
- route.yaml to reach the admin page of a wildfly container deployed in openshift local (CRC)
- How to set multiple kubeconfigs using powershell
- ActiveMQ Artemis: Primary Pod Restart Loop with Shared Store HA
- ActiveMQ Artemis primary pod goes to restart loop after change to shared-store HA option
- couldn't get current server API group list: the server has asked for the client to provide credentials error: You must be logged in to the server
- How could be memory dump saved in kubernetes cluster after crashing?
- multiple command in postStart hook of a container
- How to attach Job Labels to Job Events in Fluent Bit Kubernetes Events
- Target Group Binding not getting created for an ALB
- Unable to access my minikube cluster from the browser (❗ Because you are using a Docker driver on windows, the terminal needs to be open to run it.)
- Springboot Swagger Ui Throwing Whitelabel Error Page when Accessed using K8S IP and Nodeport
- Unset/remove default value in helm values.yaml
- Set ENV Variable Dynamically in a Dockerfile
- Docker desktop - kubernetes failed to start
- My kubernetes pods keep crashing with "CrashLoopBackOff" but I can't find any log
- What is the meaning of CPU and core in Kubernetes?
- controller runtime: GrandPa, Son, GrandSon and setting OwnerReferences
- One command to restore local PostgreSQL dump into kubectl pod?
- How to configure HorizontalPodAutoscaler?
- ASP.NET Core application in K8S sometimes hangs on HostBuilder.Buid()