Skip to main content
  • EN

I have configured an AWS IAM role for the Kasten K10 service account in my AWS EKS cluster, as described in Using IAM Role With a Kubernetes Service Account (EKS). However, when I try to create an infrastructure profile as described in AWS Infrastructure Profile, the “Authenticate With AWS IAM Role” checkbox is missing.

I guess it might show up if I install Kasten by providing the AWS IAM role as a parameter to the helm install command, but I prefer to avoid doing that. Moreover, the documentation also avoids this helm install param if using IRSA.

As a workaround, I tried enabling the “Execute Operations Using an AWS IAM Role” checkbox but that too mandates AWS access keys. Providing access keys isn’t an option for us. How can I proceed creating the infra profile using the IRSA role?

 

@jaiganeshjk 

Harish, Thank you for creating this topic.

If you have already set up the IRSA serviceaccount in K10 namespace(by following this https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html) with the IAM role ARN annotation(eks.amazonaws.com/role-arn), it should be sufficient for the Authenticate with IAM role checkbox to showup. You don’t have to explicitly add the helm value for IAM role. 

You can use the below command as per our docs to refer to the SA name instead if creating it. 

helm install k10 kasten/k10 -n kasten-io --create-namespace
    --set serviceAccount.create=false --set serviceAccount.name=my-service-account

If this SA is not created and you want K10 to create the SA with the IAM role annotation, that helm value is needed. 

 

 

 

 

Comment


Terms & Conditions