This repository has been archived by the owner on Jul 19, 2023. It is now read-only.
get aws cred from IAM Roles for Service Accounts #82
Comments
|
Once you have configured IRSA (IAM Roles for Service Accounts) you can simply omit credentials/profile options to this plugin and it will just work as it does in other Kubernetes with IRSA enabled pods. |
|
I have applied IRSA for logtsash pod but plugin still tries to use assume role from node instead of the new IRSA role. |
|
it didnt work for me, later we moved to different approach altogether so not using this plugin |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
AWS recently launched "IAM Roles for Service Accounts", here is more information on that https://aws.amazon.com/blogs/opensource/introducing-fine-grained-iam-roles-service-accounts/
how to use these credentials in this plugin?
the blog says:
The AWS SDKs have been updated with a new credential provider that calls sts:AssumeRoleWithWebIdentity, exchanging the Kubernetes-issued OIDC token for AWS role credentials
But I couldnt understand how to use those credentials with this plugin
The text was updated successfully, but these errors were encountered: