EKS Cluster Access Manager API should be enabled
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Description
Amazon EKS recommends using the Cluster Access Manager API for managing EKS cluster access, replacing the aws-auth
ConfigMap. This new API simplifies Role-Based Access Control (RBAC) and Service Account management by allowing direct control via the EKS API, reducing manual configuration and the risk of errors. It also enhances security by enabling the assignment of predefined AWS-managed Kubernetes permissions to IAM principals, offering improved visibility and auditing capabilities.
Note: EKS Cluster Access Manager API is only available in EKS version 1.23 and above. Clusters running earlier EKS versions will not be assessed by this control.
For guidance on configuring EKS cluster access, refer to the Grant IAM users and roles access to Kubernetes APIs section of the Amazon EKS User Guide.