Does eks:AccessKubernetesApi allows to update any resources or it allows only readonly access?
Hello,
Please advise does "eks:AccessKubernetesApi" allows only to view the workloads or it allows to update any kubernetes resources.
If you could point me to security implications of adding "eks:AccessKubernetesApi" to a role in production, that would be really helpful.
Thanks
The IAM policy action eks:AccessKubernetesApi
is used to allow users to view Kubernetes resources on the AWS Console. Without this the user cannot see the Overview and Workloads tabs content. You can see in the IAM action type definitions that this action is classified as read-only. You can view full list of actions and their access levels here.
On top of this you also need to create IAM role mapping inside the EKS cluster to give the AWS Console access to make requests on users behalf. More details available at here.
Relevant questions
IAM Policy that allows only access to "Switch Role"
asked a month agoNo identity-based policy allows the ssm:SendCommand action
asked a month agoDoes eks:AccessKubernetesApi allows to update any resources or it allows only readonly access?
asked a month agoHow broad are Trusted Advisor S3 checks?
Accepted Answerasked 2 years agoExpress on EC2 Only Allows Base URL
asked 5 months agoCognito pool allows duplicate confirmed email address aliases
asked 8 months agoDoes Databricks give customers the option to choose reserved instances or are there any barriers to savings plan ?
asked 3 months agoIP access restriction on S3
asked a year agoDoes it allow to search PDFs?
asked 5 days agois there a page or a way to know about global aws outages?
Accepted Answerasked 4 months ago