8000 GitHub - dfds/kiam2irsa: ARCHIVED: The tool will find all Kubernetes service accounts with certain annotations
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
This repository was archived by the owner on Sep 1, 2023. It is now read-only.
/ kiam2irsa Public archive

ARCHIVED: The tool will find all Kubernetes service accounts with certain annotations

License

MIT license
1 star 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dfds/kiam2irsa

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

39 Commits
.github/workflows
.github/workflows
 
 
cmd
cmd
 
 
pkg
pkg
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

⚠️ Repository not maintained ⚠️

Please note that this repository is currently archived, and is no longer being maintained.

  • It may contain code, or reference dependencies, with known vulnerabilities
  • It may contain out-dated advice, how-to's or other forms of documentation

KIAM to IRSA migration check

Purpose

This is a tool that can be useful when migrating from KIAM to IAM Roles for Service Accounts (IRSA). The tool will find all Kubernetes service accounts that has the annotation:

metadata:
    annotations:
        eks.amazonaws.com/role-arn: "<ANY ARN>"

and doesn't have the annotation:

metadata:
    annotations:
        eks.amazonaws.com/sts-regional-endpoints: "true"

Usage

Getting CLI help

./kiam2irsa --help

./kiam2irsa sa --help
./kiam2irsa pods --help

Find ServiceAccount status using default kubeconfig ~/.kube/config

./kiam2irsa sa

Find ServiceAccount status using custom kubeconfig through environment variable

KUBECONFIG=~/.kube/my-cluster.config
./kiam2irsa sa

Find ServiceAccount status using kubeconfig through argument passing

./kiam2irsa sa --kubeconfig ~/.kube/my-cluster.config

Find pods only using KIAM

./kiam2irsa pods --status KIAM

Find pods only migrated to IRSA, but that still supports KIAM

./kiam2irsa pods --status BOTH

Find pods fully migrated to IRSA

./kiam2irsa pods --status IRSA

Build instructions

go build .

About

ARCHIVED: The tool will find all Kubernetes service accounts with certain annotations

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

6 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages
0