0

EKS 新手,学习。我知道可以通过添加到 aws-auth 配置映射来向 IAM 用户/角色提供访问权限,但是当第一次创建集群时,AWS-auth 只有一个条目。

apiVersion: v1
data:
  mapRoles: |
    - "groups":
      - "system:bootstrappers"
      - "system:nodes"
      "rolearn": "arn:aws:iam::XXXXXXXXXXXXXXX:role/test-eks"
      "username": "system:node:{{EC2PrivateDNSName}}"
kind: ConfigMap
metadata:
  name: aws-auth
  namespace: kube-system

kubeconfig 文件

apiVersion: v1
kind: Config
clusters:
- cluster:
    certificate-authority-data: XXXXXXXXXXX
    server: https://XXXXXXXXXXXXX.XXX.us-east-1.eks.amazonaws.com
  name: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
contexts:
- context:
    cluster: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
    user: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
  name: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
current-context: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
users:
- name: arn:aws:eks:us-east-1:XXXXXXXXXXXX:cluster/test-eks
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1alpha1
      args:
      - --region
      - us-east-1
      - eks
      - get-token
      - --cluster-name
      - test-eks
      command: aws

问题:我如何能够以管理员身份访问集群?我(IAM 用户)具有集群管理员访问权限的集群中定义的位置?请帮助我理解。先感谢您!

4

1 回答 1

0

https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html

当您创建 Amazon EKS 集群时,IAM 实体用户或角色...在控制平面中的集群 RBAC 配置中被自动授予 system:masters 权限。

您已经是管理员,因为您是集群的创建者。

于 2021-10-25T09:18:32.063 回答