When you want your users in IAM to access EKS cluster in another account, its very simple to do via cross account role. This assumes you have already created the role in account B to users in account A.
- first make sure you have a IAM role
cross-account-role
created in Account B and having added trusted relationship for users in that you would like to from account A to access it. - Once thats done , make sure you have access to the EKS cluster in account B(this needs to be done in order to edit the permissions of EKS).
- now edit the
aws-auth
configmap of that EKS cluster as: