RBAC

Pre-Requisites

EKS Cluster

Create namespace devops

kubectl create ns devops

Create deployment

kubectl apply -f deployment.yml

Get User details

aws sts get-caller-identity

Create user in AWS and get AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY

vi rbacuser_creds.sh

Provide the details and save the file

Get ConfigMaps details

kubectl get configmaps aws-auth -n kube-system

Add the user info to the EKS cluster in the aws-auth ConfigMap

kubectl edit configmaps aws-auth -n kube-system
--------------------------------------------------------
mapUsers: |
  - userarn: arn:aws:iam::601279438670:user/naresh
    username: naresh
--------------------------------------------------------        

Role Binding In RBAC:

A Role in Kubernetes RBAC defines what can be done to a group of resources. It contains a group of rules that define a set of permissions.

Here’s an example Role within the “default” namespace that can be used to grant read access to pods:

kubectl apply -f rbacuser-role.yaml

Cluster Role Binding In RBAC

kubectl apply -f rbacuser-role-binding.yaml
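
A minimal Role and RoleBinding consistent with the checks that follow (pods readable in devops, denied in other namespaces). This is an added example, not the repository's rbacuser-role.yaml or rbacuser-role-binding.yaml; the object names pod-reader and read-pods are assumptions, while the namespace devops and the username naresh come from the steps above.

```yaml
# Added example: namespaced, read-only access to pods for the mapped IAM user.
# Object names (pod-reader, read-pods) are assumptions, not from the repository.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: devops
  name: pod-reader
rules:
  - apiGroups: [""]                   # "" is the core API group, where pods live
    resources: ["pods"]
    verbs: ["get", "list", "watch"]   # read-only: no create, update or delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: devops
  name: read-pods
subjects:
  - kind: User
    name: naresh                      # must match "username" in the aws-auth mapUsers entry
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: pod-reader
  apiGroup: rbac.authorization.k8s.io
```

Because both objects are namespaced, the user gets no access outside devops; a ClusterRoleBinding to a ClusterRole would instead grant the same verbs in every namespace. A cluster admin can confirm the effective permission with kubectl auth can-i list pods -n devops --as naresh.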

Run shell script rbacuser_creds.sh

. rbacuser_creds.sh

Now check User

aws sts get-caller-identity

Check pods in another namespace

kubectl get pods

It will throw an error

Check pod details within the namespace as the new user naresh

kubectl get pods -n devops
