Managing Users or IAM Roles for your Cluster - Amazon EKS

Originally published at:

When creating an Amazon EKS cluster, the IAM entity user or role (such as a federated user that creates the cluster) is automatically granted system:masters permissions in the cluster’s RBAC configuration. The aws-auth ConfigMap (within Kubernetes) must be edited to grant additional AWS users or roles the ability to interact with a cluster. This article outlines the procedure for launching worker nodes and applying the aws-auth ConfigMap.