How can I access AWS from a pod running under EKS/KOPS Cluster?

Question

I have a pod which I plan to run under EKS & KOPS managed cluster. The pod does some calculations and I want to write the results to DynamoDB.

How can I access AWS DynamoDB from it?

Also, say I want to package it using helm, is there an option that all of the required configuration to access AWS would be only pod helm package related without any cluster configuration?

score 2 · Accepted Answer · answered Nov 09 '20 at 15:27

2

You need AWS IAM Role mapped to a ServiceAccount. Try using this user guide: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html

answered Nov 09 '20 at 15:27

Max Lobur

5,662
22
35

yes, but for kops you need to additionally install this webhook to the cluster: https://github.com/aws/amazon-eks-pod-identity-webhook/. In EKS it's included out of the box – Max Lobur Nov 10 '20 at 10:34

score 1 · Answer 2 · answered Dec 16 '20 at 16:23

1

also for kops you can use Kiam project, think of it as an IAM proxy https://github.com/uswitch/kiam

answered Dec 16 '20 at 16:23

kbry

133
1
7

How can I access AWS from a pod running under EKS/KOPS Cluster?

2 Answers2