AWS::EKS::Addon PodIdentityAssociation - Amazon CloudFormation
SyntaxProperties
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::EKS::Addon PodIdentityAssociation

Amazon EKS Pod Identity associations provide the ability to manage credentials for your applications, similar to the way that Amazon EC2 instance profiles provide credentials to Amazon EC2 instances.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "RoleArn" : String,
  "ServiceAccount" : String
}

YAML

  RoleArn: String
  ServiceAccount: String

Properties

RoleArn

The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.

Required: Yes

Type: String

Pattern: ^arn:aws(-cn|-us-gov|-iso(-[a-z])?)?:iam::\d{12}:(role)\/*

Update requires: No interruption

ServiceAccount

The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.

Required: Yes

Type: String

Update requires: No interruption