README
¶
⚠ Repository not maintained ⚠
Please note that this repository is currently archived, and is no longer being maintained.
- It may contain code, or reference dependencies, with known vulnerabilities
- It may contain out-dated advice, how-to's or other forms of documentation
KIAM to IRSA migration check
Purpose
This is a tool that can be useful when migrating from KIAM to IAM Roles for Service Accounts (IRSA). The tool will find all Kubernetes service accounts that has the annotation:
metadata:
annotations:
eks.amazonaws.com/role-arn: "<ANY ARN>"
and doesn't have the annotation:
metadata:
annotations:
eks.amazonaws.com/sts-regional-endpoints: "true"
Usage
Getting CLI help
./kiam2irsa --help
./kiam2irsa sa --help
./kiam2irsa pods --help
Find ServiceAccount status using default kubeconfig ~/.kube/config
./kiam2irsa sa
Find ServiceAccount status using custom kubeconfig through environment variable
KUBECONFIG=~/.kube/my-cluster.config
./kiam2irsa sa
Find ServiceAccount status using kubeconfig through argument passing
./kiam2irsa sa --kubeconfig ~/.kube/my-cluster.config
Find pods only using KIAM
./kiam2irsa pods --status KIAM
Find pods only migrated to IRSA, but that still supports KIAM
./kiam2irsa pods --status BOTH
Find pods fully migrated to IRSA
./kiam2irsa pods --status IRSA
Build instructions
go build .
Documentation
¶
There is no documentation for this package.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.