
Preparing for the Cluster Setup: IAM Group and User

Understand how to prepare AWS Identity and Access Management resources by creating an IAM group and user with proper policies. This lesson guides you through setting permissions crucial for managing EC2 instances, S3 storage, VPCs, and IAM roles to securely deploy a Kubernetes cluster with kOps.

In this lesson, we’ll create a few Identity and Access Management (IAM) resources. Even though we could create a cluster with the user you used to register with AWS, it’s good practice to create a separate IAM user with only the privileges that we’ll need for the following exercises.

Creating the IAM group

First, we’ll create an IAM group called kops.

Shell
aws iam create-group \
    --group-name kops

The output is as follows:

Shell
{
    "Group": {
        "Path": "/",
        "CreateDate": "2018-02-21T12:58:47.853Z",
        "GroupId": "AGPAIF2Y6HJF7YFYQBQK2",
        "Arn": "arn:aws:iam::036548781187:group/kops",
        "GroupName": "kops"
    }
}

We don’t care much about any of the information in the output, except that it does not contain an error message, which confirms that the group was created successfully.
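The check described above can rely on the CLI's exit status instead of reading the JSON. The following is an added example, not part of the original lesson: it creates the group only when it is missing and, before an existing group is reused, checks that no unexpected managed policies are attached to it. The function names and the caller-supplied allow-list are assumptions of this example.

```shell
# Added example (not from the lesson). Function names are hypothetical.

# Print the group's ARN, creating the group only if it does not exist yet.
ensure_group() {
  local name="$1"
  local arn
  # get-group exits non-zero when the group cannot be read (for example,
  # because it does not exist); only then do we try to create it.
  if arn=$(aws iam get-group --group-name "$name" \
             --query 'Group.Arn' --output text 2>/dev/null); then
    printf '%s\n' "$arn"
    return 0
  fi
  # On failure the CLI prints the error to stderr and exits non-zero,
  # which becomes this function's exit status.
  aws iam create-group --group-name "$name" \
    --query 'Group.Arn' --output text
}

# Usage: audit_group_policies GROUP [ALLOWED_POLICY_ARN...]
# Returns 0 when every managed policy attached to GROUP is in the allow-list,
# 1 when an unexpected policy is attached, 2 when the listing itself fails.
audit_group_policies() {
  local name="$1"
  shift
  local attached arn allowed ok
  local rc=0
  attached=$(aws iam list-attached-group-policies --group-name "$name" \
               --query 'AttachedPolicies[].PolicyArn' --output text) || return 2
  for arn in $attached; do
    ok=0
    for allowed in "$@"; do
      if [ "$arn" = "$allowed" ]; then ok=1; fi
    done
    if [ "$ok" -eq 0 ]; then
      echo "unexpected policy on $name: $arn" >&2
      rc=1
    fi
  done
  return "$rc"
}

# Typical call (needs AWS credentials); a freshly created group has no
# policies attached, so an empty allow-list must pass:
#   ensure_group kops && audit_group_policies kops
```

Inline policies are not covered by this check; they are listed separately by `aws iam list-group-policies`.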

Next, we’ll assign a few policies to the group, giving its future users sufficient permissions to create the objects we’ll need.

Since our cluster will consist of ...