Amazon EKS - Create Service Account in Kubernetes
In your Amazon EKS cluster, a Service Account provides an identity for all processes that run in a pod. These processes can talk to the API server only if a Service Account has been defined.
To create a service account in your Amazon EKS cluster, follow these steps:
Create Amazon EKS Account Manifest File
To create a Service Account, you need to create its YAML file for deployment. Let's call this file service_account.yaml and the its content is shown below:
Note
The parameters required to create this YAML file, ready to be deployed, are explained in the Properties section.
kind: ServiceAccount
apiVersion: v1
metadata:
name: ncache-operator
Deploy Service Account
Once you have created a YAML file, it is ready to be deployed in your Kubernetes cluster. Run the following command in cloud shell to set a service account for the processes inside the cluster:
kubectl create -f [dir]/service_account.yaml
You can verify successful creation of this account by execution the get verb as follows:
kubectl get serviceaccounts
Properties
The properties required to create a service account are explained below:
| Parameter | Description |
|---|---|
-kind |
This can be many different types like a Deployment, a Service, DaemonSet or StatefulSet. In this case it will be a ServiceAccount |
-apiVersion |
Specifies the version of the kind and it depends on the underlying version of Amazon EKS. |
-name |
Specifies the name of the Operator you will deploy that needs access to the service account. |
After successful execution of this command, you need to create a Role definition, the steps of which are explained in the next chapter.
See Also
Create Role Definition
Create Role Binding
Create NCache Operator
Create Custom Resources
