From 54a5dc5bcdc4ec3e5134341905b342133734a7cf Mon Sep 17 00:00:00 2001
From: Delyce Twizeyimana <delyce35@gmail.com>
Date: Wed, 18 Dec 2024 17:03:06 +0200
Subject: [PATCH] config aws auth (#428)

* config aws auth

* Update .gitignore

---------

Co-authored-by: Daniel Mohns <dmohns@users.noreply.github.com>
---
 .gitignore                           |  1 +
 k8s/configmaps/aws-auth.yaml.example | 21 +++++++++++++++++++++
 2 files changed, 22 insertions(+)
 create mode 100644 k8s/configmaps/aws-auth.yaml.example

diff --git a/.gitignore b/.gitignore
index 1b13a338..85017af7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -73,3 +73,4 @@ dist/
 
 ## secret file
 *-secrets.yaml
+aws-auth.yaml
diff --git a/k8s/configmaps/aws-auth.yaml.example b/k8s/configmaps/aws-auth.yaml.example
new file mode 100644
index 00000000..426e9a58
--- /dev/null
+++ b/k8s/configmaps/aws-auth.yaml.example
@@ -0,0 +1,21 @@
+apiVersion: v1
+data:
+  mapRoles: |
+    - groups:
+      - system:bootstrappers
+      - system:nodes
+      rolearn: arn:aws:iam::<AWS_ACCOUNT_ID>:role/<EKS_NODE_INSTANCE_ROLENAME>
+      username: system:node:{{EC2PrivateDNSName}}
+  mapUsers: |
+    - userarn: arn:aws:iam::<AWS_ACCOUNT_ID>:user/user1
+      username: user1
+      groups:
+        - system:masters
+    - userarn: arn:aws:iam::<AWS_ACCOUNT_ID>:user/user2
+      username: user2
+      groups:
+        - system:masters
+kind: ConfigMap
+metadata:
+  name: aws-auth
+  namespace: kube-system