AWS::EKS::Addon PodIdentityAssociation

Amazon EKS Pod Identity associations provide the ability to manage credentials for your applications, similar to the way that Amazon EC2 instance profiles provide credentials to Amazon EC2 instances.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "RoleArn" : String,
  "ServiceAccount" : String
}

YAML


  RoleArn: String
  ServiceAccount: String

Properties

RoleArn

The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.

Required: Yes

Type: String

Pattern: ^arn:aws(-cn|-us-gov|-iso(-[a-z])?)?:iam::\d{12}:(role)\/*

Update requires: No interruption

ServiceAccount

The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.

Required: Yes

Type: String

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS::EKS::Addon

Tag