How to resolve I AM User/Role doesn't have access to "Kubernetes Objects" in EKS Cluster.
Вставка
- Опубліковано 24 лип 2021
- This videos helps you to add I am User/role to your EKS cluster so your newly created user can view/List/Create/Delete all the resources in EKS Cluster.
Also Check Below Links:
How to create EKS Cluster: • Simple & easy way to d...
EKS Based Policy : docs.aws.amazon.com/eks/lates...
Create ClusterRole and ClusterRoleBinding: aws.amazon.com/premiumsupport...
This is the one that I was searching for
Found a 💎
Thank you so much! I spent many hours trying to decipher the steps and you made them very clean! Congratulations! That should be easier.
Thank you so much @vinicius prudencio for your kind words. Please help to share my channel within your network 🙏
Thank you very much!! I spent many hours trying to decipher the steps and you made them very clear!!
Thank you so much. Your valuable comment encourage us to make such videos.
Thanks much Avinash bro for such a clear demo. Was looking for a crystal solution for many hours, but u made it clear in 15 mins ❤️🔥
My pleasure Bro 🙏 . Many thanks for your valuable comments. That really encourage me a lot to keep making DevOps Videos. Please help me to share my channel within your network.
Great video mate 😊❤
Please subscribe my Travel Vlog Channel also:
ua-cam.com/channels/CUJ20BdG20iL_P2dwZv6Qg.html
Thanks for this Troubleshooting Guide its very clear!!!
Thank you so much for your valuable words. Could you please help me to share my channel within your network on LinkedIn
Thanks man, you saved my assignment!!
Thank you so much brother 🙏 Please help me to share my channel within your friends. Please ask them to subscribe my channel 😀
I want to give you a big thanks for this video. You save me! I have this exact problem in AWS!!!!
Thank you so much brother. Your valuable comment encourage me a lot. Please help me to share my channel within your friends & colleagues 🙏
@@avinashkumar-thelearningdest Sure I will share your channel among my friends.
@@Hackenbaker Thank you so much.
Hi Avinash,
Thank you for saving us some time. I have a one question, say I have a team of developer and I have to provide everyone with same access as you demonstrate.
Is there a way to provide access to whole group rather than individual user?
You are a life saver, thank you so much :)
Thank you so much 💓
Hi Avinash...can you share the policies attached to the group in the initial part..Also not able to see the clusterrole and rolebinding policy in the links which you have shared in description
Hello Avinash! Thankyou for this concept . I’m facing error from server(forbidden): User ‘Admin’ cannot list resource ‘pods’ in api group in namespace default while giving command kubectl get pods .. how can I resolve this ? If this is Rbac issue how to resolve it …
very goos explanation... but sound is so low... plz consider it. Ty
Thank you so much, and thanks for the feedback. I have improved the sound quality in recent videos.
Hello sir, it is very nice video. I have a question. You created iam user, then, defined cluster role and binding. After that you updated config auth details, where you added iam user and group name mentioned in cluster role binding. Are we linking iam user and group in cluster role binding wheer group has rbac permission. Is this understanding correct?
Hello sir, do we need to create kubernetes group mentioned in clusterrolebinding first or system will create it on its own
Thanks much MR Avinashi is clear tuto need file yaml full acces
nice...pls do more videos on eks
Hi Mahendra, Thank you so much, brother, for your appreciation ❤️ . Surely, I will keep releasing videos. Also, one request please help me to share my channel within your network. I really need support from you guys. :)
Thanks😊
Welcome Brother 🙏
Sir , I created cluster from root user, and then trying to access cluster from kubectl from my local Linux machine, before execute kubectl command ,I executed aws ekc update-kubeconfig --name "" --region "" --role-arn "arn details of root user" but it's failed and showing "could not connect to the endpoint url "
Pls advise me , I am cluster creator ,how add other iam user and access to them in my cluster
Hi Avinash, I am facing this issue. My SSO admin user is unable to see the service/pods etc. its a Fargate based deployment. However I am not using Terraform, the custer is created manually. So couldnt understand your step on cluster role and binding....How to do them through CLI?
Hi Alok, let me debug it tomorrow..Will let you know.
I believe it should be possible to do using a iam role instead of user. You can then assume the role by setting up customer managed policy in SSO permission set that point to the role you mapped in eks rbac configmap.
Once this is done you can use the cli
aws configure sso
And select the customer managed policy you made. After this just configure kubeconfig with Aws cli. I believe that the sessions through the SSO is quiet short lived though so you might have to renew it each time.
Never tried it so it might not work but that's how I would try to implement kubectl SSO sessions.
9:14 - sir use executing kubectl command ,but didn't show what you configured
Hi Avinash...
Thanks for the solutions
I have one question how to provide access to 2 IAM users ?..
Hi Brother, you can assign the role and you can set the permissions to Role. Let me know if I answer your query if not let's connect on LinkedIn "Avinash Mahto"
Here you have explained how to user and groups - can you explain how to user Iam roles and groups
Thank for your comment brother. Sure I will cover it soon. Please help me with sharing my channel within your friends and colleagues