Snippet of Amazon EKS aws-auth configmap that grants cluster admin permissions to a specific AWS SSO role/permission set

aws-cli-eksctl-create-iamidentitymapping

# Example command
eksctl create iamidentitymapping \
  --cluster YOUR_CLUSTER_NAME \
  --arn arn:aws:iam::999999999999:role/AWSReservedSSO_YOUR-ROLE_NAME_xxxxxxxxxxxc \
  --username cluster-admin \
  --group system:masters

eks-auth-configmap-for-aws-sso-user.yaml

apiVersion: v1
data:
  mapRoles: |
    - groups:
      - system:bootstrappers
      - system:nodes
      rolearn: arn:aws:iam::999999999999:role/eksctl-your_cluster_name-NodeInstanceRole-19W4NV2RA7VY5
      username: system:node:{{EC2PrivateDNSName}}
    - groups:
      - system:masters
      rolearn: arn:aws:iam::999999999999:role/AWSReservedSSO_YOUR-ROLE_NAME_xxxxxxxxxxx
      username: cluster-admin
  mapUsers: |
    []
kind: ConfigMap
metadata:
  creationTimestamp: "2022-02-03T23:15:18Z"
  name: aws-auth
  namespace: kube-system
  resourceVersion: "91706682"
  uid: xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx