Amazon EKS Pod Identity associations provide the ability to manage credentials for your applications, similar to the way that Amazon EC2 instance profiles provide credentials to Amazon EC2 instances.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
"RoleArn" : String
,
"ServiceAccount" : String
}
YAML
RoleArn: String
ServiceAccount: String
Properties
RoleArn
-
The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.
Required: Yes
Type: String
Pattern:
^arn:aws(-cn|-us-gov|-iso(-[a-z])?)?:iam::\d{12}:(role)\/*
Update requires: No interruption
ServiceAccount
-
The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.
Required: Yes
Type: String
Update requires: No interruption