KubeZero/containers/admin/v1.21/kubeadm/templates/resources/52-aws-iam-authenticator-mappings.yaml

{{- if .Values.api.awsIamAuth.enabled }}
# Controller role for consistency, similar to kubeadm admin.conf
apiVersion: iamauthenticator.k8s.aws/v1alpha1
kind: IAMIdentityMapping
metadata:
  name: kubezero-worker-nodes
spec:
  arn: {{ .Values.api.awsIamAuth.workerNodeRole }}
  username: system:node:{{ "{{" }}EC2PrivateDNSName{{ "}}" }}
  groups:
  # For now use masters, define properly with 1.20
  - system:masters
  - system:nodes
  - system:bootstrappers
---
# Admin Role for remote access
apiVersion: iamauthenticator.k8s.aws/v1alpha1
kind: IAMIdentityMapping
metadata:
  name: kubernetes-admin
spec:
  arn: {{ .Values.api.awsIamAuth.kubeAdminRole }}
  username: kubernetes-admin
  groups:
  - system:masters
{{- end }}
feat: various re-org for 1.21 2021-12-01 12:33:11 +00:00			`{{- if .Values.api.awsIamAuth.enabled }}`
Bump ECK operator to 1.4.1 2021-03-11 08:00:47 +00:00			`# Controller role for consistency, similar to kubeadm admin.conf`
Kubeadm chart for 1.19, improved tooling 2021-02-12 11:04:16 +00:00			`apiVersion: iamauthenticator.k8s.aws/v1alpha1`
			`kind: IAMIdentityMapping`
			`metadata:`
Bugfixes for control plane, proper calico cpu requests 2021-03-17 16:29:44 +00:00			`name: kubezero-worker-nodes`
Kubeadm chart for 1.19, improved tooling 2021-02-12 11:04:16 +00:00			`spec:`
feat: various re-org for 1.21 2021-12-01 12:33:11 +00:00			`arn: {{ .Values.api.awsIamAuth.workerNodeRole }}`
Bugfixes for control plane, proper calico cpu requests 2021-03-17 16:29:44 +00:00			`username: system:node:{{ "{{" }}EC2PrivateDNSName{{ "}}" }}`
Kubeadm chart for 1.19, improved tooling 2021-02-12 11:04:16 +00:00			`groups:`
Bugfixes for control plane, proper calico cpu requests 2021-03-17 16:29:44 +00:00			`# For now use masters, define properly with 1.20`
Kubeadm chart for 1.19, improved tooling 2021-02-12 11:04:16 +00:00			`- system:masters`
Bugfixes for control plane, proper calico cpu requests 2021-03-17 16:29:44 +00:00			`- system:nodes`
			`- system:bootstrappers`
Kubeadm chart for 1.19, improved tooling 2021-02-12 11:04:16 +00:00			`---`
			`# Admin Role for remote access`
			`apiVersion: iamauthenticator.k8s.aws/v1alpha1`
			`kind: IAMIdentityMapping`
			`metadata:`
			`name: kubernetes-admin`
			`spec:`
feat: various re-org for 1.21 2021-12-01 12:33:11 +00:00			`arn: {{ .Values.api.awsIamAuth.kubeAdminRole }}`
Kubeadm chart for 1.19, improved tooling 2021-02-12 11:04:16 +00:00			`username: kubernetes-admin`
			`groups:`
			`- system:masters`
Make kubeadm config work on bare-metal, minor tuning 2021-02-22 13:41:32 +00:00			`{{- end }}`