Kubernetes Service Accounts
In SkyU, you can create Kubernetes Service Accounts to provide an identity for processes that run in a Pod. Service accounts are used to authenticate and authorize the processes running in a Pod.
Create a Service Account
You can create a service account by clicking on the Create Service Account button on under Environments in the SkyU Console.
| Field | Description |
|---|---|
| Name | Name of the Service Account. This has to be unique across your organization and should not contain special characters. |
| Namespace | Select the namespace where the service account should be created. |
| Annotations | Add annotations to the service account. This is used for adding metadata to the service account. |
AWS IAM Role
In EKS clusters, you can use the eks.amazonaws.com/role-arn annotation to associate an IAM role with the service account. This allows the pods in the namespace to assume the IAM role. The IAM role must have the necessary permissions to access AWS resources. This enables your pods to interact with AWS services securely.
You can read more about IAM Roles for Service Accounts (opens in a new tab) in the AWS documentation.
Finally, click on the Create button to save the service account.