Closed van-vothanh closed 3 years ago
Hi @van-vothanh - The ServiceAccount
in cdk8s-plus
is not natively integrated with AWS IAM roles.
You can create an iam.Role
using the @aws-cdk/aws-iam
package, add the desired policies and then annotate the service account with the role arn.
Essentially it would mean re-implementing the logic in the @aws-cdk/aws-eks.ServiceAccount
construct.
hi @iliapolo thanks for the clarification
cheers
With the
@aws-cdk/aws-eks
package, it is possible to add an IAM policy statement to aServiceAccount
through the this method https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-eks.ServiceAccount.html#add-wbr-to-wbr-principal-wbr-policystatement-span-class-api-icon-api-icon-experimental-title-this-api-element-is-experimental-it-may-change-without-notice-spanHow do we achieve the same using
cdk8-plus
'sServiceAccount
construct?Thank you