AWS
AWS (EKS)
The official AWS EKS user guide guides users to create their cluster using the official eksctl
tool.
tl;dr
The following command will create an EKS cluster with a managed node group using any AWS instances that meet the criteria of 4 vCPUs and 16 GiB of memory. It uses IAM Roles for Service Accounts (IRSA) to attach a policy to the cluster allowing power user access to AWS' Elastic Container Registry. Visit the docs for more details on the AmazonEC2ContainerRegistryPowerUser policy.
Permissions
IAM users or roles need the following AWS permissions to interact with your EKS cluster: eks:DescribeCluster eks:AccessKubernetesApi
You can select these when creating the policy through the UI, or with this JSON version:
You will also need a Kubernetes role and service account in the EKS cluster. This can be achieved with the aws-auth configmap. The instructions are documented here. If you are interested in minimizing the permissions in the cluster, please take a look at our Kubernetes RBAC guide.
Last updated
Was this helpful?