Next, we’ll define a k8s user called rbac-user, and map to it’s IAM user counterpart. Run the following to create a ConfigMap called aws-auth.yaml that creates this mapping:
cat << EoF > aws-auth.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: aws-auth
namespace: kube-system
data:
mapUsers: |
- userarn: arn:aws:iam::${ACCOUNT_ID}:user/rbac-user
username: rbac-user
EoF
Some of the values may be dynamically populated when the file is created. To verify everything populated and was created correctly, run the following:
cat aws-auth.yaml
And the output should reflect that rolearn and userarn populated, similar to:
Next, apply the ConfigMap to apply this mapping to the system:
kubectl apply -f aws-auth.yaml