KubeZero/containers/admin/v1.21/kubeadm/templates/resources/52-aws-iam-authenticator-mappings.yaml

24 lines
600 B
YAML
Raw Normal View History

2021-12-01 12:33:11 +00:00
{{- if .Values.api.awsIamAuth.enabled }}
apiVersion: iamauthenticator.k8s.aws/v1alpha1
kind: IAMIdentityMapping
metadata:
name: kubezero-worker-nodes
spec:
2021-12-01 12:33:11 +00:00
arn: {{ .Values.api.awsIamAuth.workerNodeRole }}
username: system:node:{{ "{{" }}EC2PrivateDNSName{{ "}}" }}
groups:
2021-12-03 21:13:40 +00:00
- system:bootstrappers:kubeadm:default-node-token
---
2021-12-03 21:13:40 +00:00
# Admin Role for remote access
apiVersion: iamauthenticator.k8s.aws/v1alpha1
kind: IAMIdentityMapping
metadata:
name: kubernetes-admin
spec:
2021-12-01 12:33:11 +00:00
arn: {{ .Values.api.awsIamAuth.kubeAdminRole }}
username: kubernetes-admin
groups:
- system:masters
{{- end }}