redradrat / aws-iam-operator

AWS IAM Operator for Kubernetes
Apache License 2.0

EKS cluster auth mapping #10

Open redradrat opened 4 years ago

redradrat commented 4 years ago

User/Role resource should have an option to map the created resource for EKS cluster access.

Proposal: Custom Resource User/Role should offer an option to register itself with the context cluster's AWS authentication map, and provide an option to map to an RBAC role.

apiVersion: aws-iam.redradrat.xyz/v1beta1
kind: User
metadata:
  name: user-sample
spec:
  createLoginProfile: false
  createProgrammaticAccess: true
  eksClusterMapping:
    - username: "demouser"
      groups:
        - "demo:group"
---
apiVersion: aws-iam.redradrat.xyz/v1beta1
kind: Role
metadata:
  name: role-sample
spec:
  createServiceAccount: false
  eksClusterMapping:
    - username: "demouser"
      groups:
        - "demo:group"
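
Added example, not part of the issue or of the operator's code: a Go sketch of how a controller could apply one `eksClusterMapping` item to the `mapUsers`/`mapRoles` list of the `aws-auth` ConfigMap without creating duplicates, while refusing reserved `system:` groups. `AuthEntry`, `Upsert`, `Render`, the `allowSystem` switch and the account ID are hypothetical names and values chosen for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// AuthEntry is one element of mapUsers or mapRoles in the aws-auth ConfigMap.
type AuthEntry struct {
	ARN, Username string
	Groups        []string
}

// Upsert applies one eksClusterMapping item for arn. Sketch assumptions: one entry
// per ARN; "system:" groups (e.g. system:masters) need allowSystem to be true.
func Upsert(entries []AuthEntry, arn, username string, groups []string, allowSystem bool) ([]AuthEntry, error) {
	for _, g := range groups {
		if strings.HasPrefix(g, "system:") && !allowSystem {
			return nil, fmt.Errorf("group %q is reserved", g)
		}
	}
	out := []AuthEntry{}
	for _, e := range entries { // drop any stale entry for this ARN
		if e.ARN != arn {
			out = append(out, e)
		}
	}
	return append(out, AuthEntry{ARN: arn, Username: username, Groups: append([]string{}, groups...)}), nil
}

// Render emits the YAML list stored under mapUsers (key "userarn") or mapRoles (key "rolearn").
func Render(key string, entries []AuthEntry) string {
	var b strings.Builder
	for _, e := range entries {
		fmt.Fprintf(&b, "- %s: %q\n  username: %q\n  groups:\n", key, e.ARN, e.Username)
		for _, g := range e.Groups {
			fmt.Fprintf(&b, "    - %q\n", g)
		}
	}
	return b.String()
}

func main() {
	// Constructed sample: placeholder account ID, names taken from the proposal.
	arn := "arn:aws:iam::111122223333:user/user-sample"
	entries, _ := Upsert(nil, arn, "demouser", []string{"demo:group"}, false)
	fmt.Print(Render("userarn", entries))
	_, err := Upsert(entries, arn, "demouser", []string{"system:masters"}, false)
	fmt.Println("rejected:", err)
}
```

Because anyone allowed to create `User` or `Role` resources would gain the ability to bind an IAM identity to cluster groups, a guard of this kind belongs in the reconciler or an admission check rather than in documentation alone.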