Tutorial Highlights & Transcript
00:00 - Introduction
00:17 - EKS Cross-Account Access Overview
00:43 - Start of Demo
01:32 - Creating a Switch Role
Let me click on the Elastic Kubernetes Service. And here you can see that we are able to list down all the clusters. In this case, there is one cluster which is eks-demo-1. When we click on this cluster, you can see all the basic information here regarding that cluster. But when you click on the Resources, you are not able to see the workloads running on that cluster. As you can see here, there are zero pods running, no deployments, and no replica sets, and over here you get a little warning that your current user or role does not have access to the Kubernetes objects on this EKS Cluster. Basically, this means that we are authenticated to this cluster, but we are not authorized to this EKS cluster.
04:48 - EKS Cluster Access
For the groups, we need to add this role in the groups called system masters. Basically, this group, which is system masters, has all the permissions related to the admin level. When we create an EKS cluster, there is by default a cluster role and cluster role binding created by default, and all the admin level access is provided in that cluster role. Here we need to add the ARN of that role that we created earlier. Let me copy that role’s ARN from the client’s AWS account. Let me paste it here. And we need to provide a username. We can specify any username here. In this case, I’m going to provide nClouds. This means that we are adding this role to this group which is system masters and after adding this role which is nClouds EKS access we’ll have all the admin level permissions with this EKS cluster. Let me save this.
07:43 - Summary and Results
Senior Support Engineer
Jasmeet joined nClouds in 2020 as a Support Engineer. Since then, he has been promoted to Senior Support Engineer.