EKS Pod Identity Association

Docs > DDSQL Reference > Data Directory > EKS Pod Identity Association

This table represents the EKS Pod Identity Association resource from Amazon Web Services.

aws.eks_podidentityassociation

Fields

ID	Type	Data Type	Description
_key	core	string
account_id	core	string
association_arn	core	string	The Amazon Resource Name (ARN) of the association.
association_id	core	string	The ID of the association.
cluster_name	core	string	The name of the cluster that the association is in.
created_at	core	timestamp	The timestamp that the association was created at.
disable_session_tags	core	bool	The state of the automatic sessions tags. The value of <i>true</i> disables these tags. EKS Pod Identity adds a pre-defined set of session tags when it assumes the role. You can use these tags to author a single role that can work across resources by allowing access to Amazon Web Services resources based on matching tags. By default, EKS Pod Identity attaches six tags, including tags for cluster name, namespace, and service account name. For the list of tags added by EKS Pod Identity, see <a href="https://docs.aws.amazon.com/eks/latest/userguide/pod-id-abac.html#pod-id-abac-tags">List of session tags added by EKS Pod Identity</a> in the <i>Amazon EKS User Guide</i>.
modified_at	core	timestamp	The most recent timestamp that the association was modified at.
namespace	core	string	The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the Pods that use the service account must be in this namespace.
owner_arn	core	string	If defined, the EKS Pod Identity association is owned by an Amazon EKS add-on.
role_arn	core	string	The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the Pods that use this service account.
service_account	core	string	The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.
tags	core	hstore
target_role_arn	core	string	The Amazon Resource Name (ARN) of the target IAM role to associate with the service account. This role is assumed by using the EKS Pod Identity association role, then the credentials for this role are injected into the Pod.