Do you have a recommendation on what specifically you would like to document here?
Stack outputs aws eks update-kubeconfig command for authentication. It is a simple task to document this. With respect to readonly authentication of team users there will be a need to add code level support to modify the configmap with specific IAM users who are allowed access. This is not a documentation tasks as it requires a hopefully elegant implementation of assigning IAM users to teams and translate that to cluster access. I see three implementation tasks outside of the documentation update:
Add support for IAM users access to the cluster (e.g. readonly for preprod)
Add support for AWS SSO and integration with LDAP/AD for user access allowing mapping LDAP/AD groups to IAM roles and restrictions to specific namespaces.
Add support for OIDC provider support that allows integration of OIDC providers (e.g. Okta) with EKS.
Do you have a recommendation on what specifically you would like to document here? Stack outputs
aws eks update-kubeconfig
command for authentication. It is a simple task to document this. With respect to readonly authentication of team users there will be a need to add code level support to modify the configmap with specific IAM users who are allowed access. This is not a documentation tasks as it requires a hopefully elegant implementation of assigning IAM users to teams and translate that to cluster access. I see three implementation tasks outside of the documentation update:Each will require a doc update.