KubeZero/charts/kubeadm/templates/resources/02-aws-iam-authenticator-mappings.yaml

27 lines
689 B
YAML
Raw Normal View History

{{- if eq .Values.platform "aws" }}
2021-03-11 08:00:47 +00:00
# Controller role for consistency, similar to kubeadm admin.conf
apiVersion: iamauthenticator.k8s.aws/v1alpha1
kind: IAMIdentityMapping
metadata:
name: kubezero-worker-nodes
spec:
2021-05-28 15:16:36 +00:00
arn: {{ .Values.workerNodeRole }}
username: system:node:{{ "{{" }}EC2PrivateDNSName{{ "}}" }}
groups:
# For now use masters, define properly with 1.20
- system:masters
- system:nodes
- system:bootstrappers
---
# Admin Role for remote access
apiVersion: iamauthenticator.k8s.aws/v1alpha1
kind: IAMIdentityMapping
metadata:
name: kubernetes-admin
spec:
arn: {{ .Values.kubeAdminRole }}
username: kubernetes-admin
groups:
- system:masters
{{- end }}