aws iam #0

Supports: xenial bionic
Add to new model


Adds support for using AWS IAM to authenticate to a Kubernetes cluster. This cluster does not need to be running inside AWS, but it does need to be able to reach the AWS endpoint.


The AWS IAM charm allows a Kubernetes cluster to be authenticated via the Amazon API using AWS users and groups. The authorization falls to RBAC, so an Amazon user or group maps to an RBAC user.


The AWS IAM charm is subordinate to the kubernetes-master charm and needs to be related to it. It will then set the Kubernetes API server to authenticate through the AWS IAM pod deployed inside the cluster.

juju deploy cs:~containers/aws-iam
juju deploy charmed-kubernetes
juju add-relation aws-iam kubernetes-master


config-option description

Known Limitations

Further information