Created
February 17, 2020 09:02
-
-
Save alexei-led/9c5a30f5dd3825d5c3bc6adc14b76fbc to your computer and use it in GitHub Desktop.
Markdium-Securely Access AWS from GKE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # run a pod (with AWS CLI onboard) in interactive mod | |
| kubectl run -it --rm --generator=run-pod/v1 --image mikesir87/aws-cli --serviceaccount ${KSA_NAME} test-pod | |
| # in Pod shell: check AWS assumed role | |
| aws sts get-caller-identity | |
| # the output should look similar to below | |
| { | |
| "UserId": "AROA9GB4GPRFFXVHNSLCK:gtoken-webhook-gyaashbbeeqhpvfw", | |
| "Account": "906385953612", | |
| "Arn": "arn:aws:sts::906385953612:assumed-role/bucket-full-gtoken/gtoken-webhook-gyaashbbeeqhpvfw" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment