Managing Kubernetes API Server user access
Giving users remote access to -enabled
environments allows authorized users to use kubectl
to manage and
troubleshoot Kubernetes clusters using the Kubernetes API. To do this, use the
Actions menu from the Environments
page.
The API server of the Kubernetes cluster which is created when enabling a environment for is secured using authentication and role based access control. By default no one is allowed to connect to the Kubernetes API server. You can grant users access to the Kubernetes API server by adding their AWS ARN to the list of Authorized Users so they can communicate with the cluster using Kubernetes management tools such as kubectl.
- You have the DFAdmin user role.
-
You have a cloud user ID. For AWS this is an ARN and looks similar to:
arn:aws:iam::{AWSaccountID}:role/{IAMRoleName}
See the AWS documentation for more information.
Download the kubeconfig file and share it with authorized users so they can connect to the cluster using their preferred Kubernetes management tools