Manage Kubernetes API Server user access
Giving users remote access to CDF environments allows authorized users to use
kubectl
to manage and troubleshoot Kubernetes clusters using the
Kubernetes API. To do this, use the Actions menu from the
Environments page.
The API server of the Kubernetes cluster which is created when enabling a CDP environment for DataFlow is secured using authentication and role based access control. By default no one is allowed to connect to the Kubernetes API server. You can grant users access to the Kubernetes API server by adding their AWS ARN to the list of Authorized Users so they can communicate with the cluster using Kubernetes management tools such as kubectl.
- You have the DFAdmin user role.
-
You have a cloud user ID. For AWS this is an ARN and looks similar to:
arn:aws:iam::{AWSaccountID}:role/{IAMRoleName}
See the AWS documentation for more information.
Download the kubeconfig file and share it with authorized users so they can connect to the cluster using their preferred Kubernetes management tools