New to EKS, Learning. I understand that Access can be provided to IAM Users/Roles by adding to the aws-auth config map, but when the cluster was created the first time, the AWS-auth has only one entry.
apiVersion: v1
data:
mapRoles: |
- "groups":
- "system:bootstrappers"
- "system:nodes"
"rolearn": "arn:aws:iam::XXXXXXXXXXXXXXX:role/test-eks"
"username": "system:node:{{EC2PrivateDNSName}}"
kind: ConfigMap
metadata:
name: aws-auth
namespace: kube-system
kubeconfig file
apiVersion: v1
kind: Config
clusters:
- cluster:
certificate-authority-data: XXXXXXXXXXX
server: https://XXXXXXXXXXXXX.XXX.us-east-1.eks.amazonaws.com
name: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
contexts:
- context:
cluster: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
user: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
name: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
current-context: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
users:
- name: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
user:
exec:
apiVersion: client.authentication.k8s.io/v1alpha1
args:
- --region
- us-east-1
- eks
- get-token
- --cluster-name
- test-eks
command: aws
Question: How I am able to access Cluster as Admin? where it was defined in the cluster that I (IAM User) have cluster-admin access? Please help me in understanding. Thank You in Advance!
https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html:
When you create an Amazon EKS cluster, the IAM entity user or role... is automatically granted system:masters permissions in the cluster's RBAC configuration in the control plane.
You are already the admin as you are the creator of the cluster.