eksctl icon indicating copy to clipboard operation
eksctl copied to clipboard
verified publisher icon eksctl-io

Allow wildcard matching of service account subject

Open avoidik opened this issue 2 months ago • 1 comments

Description

This PR adds --subject-pattern to eksctl create iamserviceaccount.

https://github.com/eksctl-io/eksctl/issues/8628

Checklist

  • [x] Added tests that cover your change (if possible)
  • [x] Added/modified documentation as required (such as the README.md, or the userdocs directory)
  • [x] Manually tested
  • [x] Made sure the title of the PR is a good description that can go into the release notes
  • [ ] (Core team) Added labels for change area (e.g. area/nodegroup) and kind (e.g. kind/improvement)

BONUS POINTS checklist: complete for good vibes and maybe prizes?! :exploding_head:

  • [ ] Backfilled missing tests for code in same general area :tada:
  • [ ] Refactored something and made the world a better place :star2:

avoidik avatar Dec 12 '25 11:12 avoidik

Example:

eksctl create iamserviceaccount \
    --name crossplane \
    --namespace crossplane-system \
    --cluster "$CLUSTER_NAME" \
    --role-name "$ROLE_NAME" \
    --attach-policy-arn 'arn:aws:iam::aws:policy/AdministratorAccess' \
    --subject-pattern 'provider-aws-*' \
    --role-only \
    --approve

avoidik avatar Dec 12 '25 11:12 avoidik