liqo icon indicating copy to clipboard operation
liqo copied to clipboard

Published 20 hours ago verified publisher icon liqotech

[Feature] Allow use of IAM Role | OIDC instead of IAM User for EKS

Open jz-wilson opened this issue 3 years ago • 2 comments

Is your feature request related to a problem? Please describe. I would like to able to use an IAM Role so we don't have to manager IAM keys. Looks like the only place that uses it is the auth-service.

Describe the solution you'd like Assigning an IAM role to pod via OIDC.

Describe alternatives you've considered N/A

Additional context Also I'm not sure why the user needs to be created, I didn't really see anywhere clearly what purpose it serves just the policy it has attached.

jz-wilson avatar Sep 29 '21 14:09 jz-wilson

Hi @jz-wilson, thanks for opening the issue! We decided to introduce the first support using IAM User without relying on OIDC, which seems to be an optional feature when creating an EKS cluster. So, it seemed a good option to rely on the most basic mechanism, IAM user mappings, which are always present on any cluster.

palexster avatar Sep 29 '21 15:09 palexster

Thanks for the response! Yeah I was just putting it out there :)

jz-wilson avatar Sep 29 '21 15:09 jz-wilson