aws-workshop-for-kubernetes icon indicating copy to clipboard operation
aws-workshop-for-kubernetes copied to clipboard
verified publisher icon aws-samples

dashboard service-account must implement cluster-admin role for full dashboard access

Open geremyCohen opened this issue 7 years ago • 3 comments

https://github.com/aws-samples/aws-workshop-for-kubernetes/tree/master/02-path-working-with-clusters/201-cluster-monitoring#kubernetes-dashboard

The instructions for setting up the dashboard don't provide for full cluster access.

They should be modified to guide the user in provisioning/binding a cluster-admin-level role and retrieving the associated secret's token in order to login to the dashboard.

To do this, we'll reference the steps documented here: https://docs.aws.amazon.com/eks/latest/userguide/dashboard-tutorial.html#eks-admin-service-account

geremyCohen avatar Jun 21 '18 20:06 geremyCohen

The steps should reference the EKS tutorial, however, it should be adapted to this workshop so that the user can access the dashboard via their Cloud9 test Web UI.

geremyCohen avatar Aug 22 '18 21:08 geremyCohen

/assign @vjsikha

dalbhanj avatar Aug 23 '18 16:08 dalbhanj

Create a file called 'admin-cluster-role-binding.yaml' with the text below: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: kubernetes-dashboard roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects:

  • kind: ServiceAccount name: kubernetes-dashboard namespace: kube-system

Apply the cluster role binding to your cluster: kubectl apply -f admin-cluster-role-binding.yaml

Output: clusterrolebinding.rbac.authorization.k8s.io "kubernetes-dashboard" created

gudavalli avatar Sep 11 '18 19:09 gudavalli