Kiam for Pod IAM access in EKS

When it comes to authentication and authorization in AWS, IAM (Identity & Access Management) is a crucial component. If you are using EKS (Elastic Kubernetes Service, the managed Kubernetes offering from AWS), granting IAM access to pods can simplify migrating existing applications. There are a few reasons why IAM access in pods is important:

  • Pods need AWS resources, but they are ephemeral and can’t rely on nodes for that. For example, a pod might be on node A now and on node B a few hours later.
  • Applications running inside pods need to act on AWS resources, for example creating or deleting an S3 bucket or launching EC2 instances; without adequate IAM access this would require additional work.
  • Using IAM roles inside pods also ensures per-application credentials, which is a more secure architecture.

In AWS, IAM roles are assigned through instance profiles, and services access them through the AWS SDK.

