Using IAM for Granting Access to Applications
AWS has over 200 services available, from SQL/NoSQL databases to machine learning and quantum computing. It’s likely that at some point you will want to use one of these services from within your application deployed on EKS.
This chapter looks at how you can grant IAM permissions to Pods, how you use the associated credentials in your application to connect to an AWS service, and how to troubleshoot issues with the overall process. Specifically, we will cover the following:
- Understanding what IAM Roles for Service Accounts (IRSA) is and what problems it solves
- Using IRSA in your application
- How to troubleshoot IAM issues on EKS
The reader should be familiar with YAML, ...