kube2iam | kube2iam provides different AWS IAM roles for pods | Identity Management library

 by   jtblin Go Version: 0.11.0 License: BSD-3-Clause

kandi X-RAY | kube2iam Summary

kandi X-RAY | kube2iam Summary

kube2iam is a Go library typically used in Security, Identity Management applications. kube2iam has no bugs, it has no vulnerabilities, it has a Permissive License and it has medium support. You can download it from GitHub.

Provide IAM credentials to containers running inside a kubernetes cluster based on annotations.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              kube2iam has a medium active ecosystem.
              It has 1901 star(s) with 314 fork(s). There are 46 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 92 open issues and 121 have been closed. On average issues are closed in 131 days. There are 18 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of kube2iam is 0.11.0

            kandi-Quality Quality

              kube2iam has 0 bugs and 0 code smells.

            kandi-Security Security

              kube2iam has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              kube2iam code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              kube2iam is licensed under the BSD-3-Clause License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              kube2iam releases are available to install and integrate.
              Installation instructions, examples and code snippets are available.
              It has 1822 lines of code, 83 functions and 16 files.
              It has high code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
            Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of kube2iam
            Get all kandi verified functions for this library.

            kube2iam Key Features

            No Key Features are available at this moment for kube2iam.

            kube2iam Examples and Code Snippets

            No Code Snippets are available at this moment for kube2iam.

            Community Discussions

            QUESTION

            Is Kube2iam unnecessary with, and/or a part of, EKS?
            Asked 2020-May-26 at 09:59

            In the Amazon EKS User Guide, there is a page dedicated to creating ALB ingress controllers by using an eponymous third-party tool, AWS ALB Ingress Controller for Kubernetes.

            Both the EKS user guide and the documentation for the controller have their own walkthroughs for how to set up the controller.

            The walkthrough provided by the controller has you either hard-code your AWS secret key into a Deployment manifest, or else install yet another third-party tool called Kube2iam.

            The walkthrough in the AWS EKS user guide has you post exactly the same Deployment manifest, but you don't have to modify it at all. Instead, you create both an IAM role (step 5) and a Kubernetes service account (step 4) for the controller, and then you link them together by annotating the service account with the ARN for the IAM role. Prima facie, this seems to be what Kube2iam is for.

            This leads me to one of three conclusions, which I rank in rough order of plausibility:

            1. EKS contains the functionality of Kube2iam as one of its features (possibly by incorporating Kube2iam into its codebase), and so installing Kube2iam is superfluous.
            2. eksctl installs Kube2iam behind the scenes as part of associate-iam-oidc-provider.
            3. The documentation for the controller was written for an earlier version of Kubernetes, and this functionality is now built into the stock control plane.

            Does anyone happen to know which it is? Why doesn't the AWS walkthrough need me to install Kube2iam?

            ...

            ANSWER

            Answered 2020-May-26 at 09:59

            Does anyone happen to know which it is? Why doesn't the AWS walkthrough need me to install Kube2iam?

            Yes, I can authoritatively answer this. In 09/2019 we launched a feature in EKS called IAM Roles for Service Accounts. This makes kube2iam and other solutions obsolete since we support least-privileges access control on the pod level now natively.

            Also, yes, the ALB IC walkthrough should be updated.

            Source https://stackoverflow.com/questions/62013028

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install kube2iam

            This is the basic RBAC setup to get kube2iam working correctly when your cluster is using rbac. Below is the bare minimum to get kube2iam working. First we need to make a service account. Next we need to setup roles and binding for the the process. You will notice this lives in the kube-system namespace to allow for easier seperation between system services and other services. Here is what a kube2iam daemonset yaml might look like.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/jtblin/kube2iam.git

          • CLI

            gh repo clone jtblin/kube2iam

          • sshUrl

            git@github.com:jtblin/kube2iam.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Identity Management Libraries

            vault

            by hashicorp

            k9s

            by derailed

            keepassxc

            by keepassxreboot

            keycloak

            by keycloak

            uuid

            by uuidjs

            Try Top Libraries by jtblin

            angular-chart.js

            by jtblinJavaScript

            go-ldap-client

            by jtblinGo

            syncho

            by jtblinJavaScript

            mocha-osx-reporter

            by jtblinJavaScript