Permissions for @turbot/aws-eks
Taking a look at permissions and associated grant levels for each permission for EKS:
Permission | Grant Level | Help |
---|---|---|
ec2:DescribeSecurityGroups | Metadata | |
ec2:DescribeSubnets | Metadata | |
ec2:DescribeVpcs | Metadata | |
eks:CreateCluster | Admin | Admins can create an Amazon EKS control plane. |
eks:CreateFargateProfile | Admin | |
eks:CreateNodegroup | Admin | |
eks:DeleteCluster | Admin | |
eks:DeleteFargateProfile | Admin | |
eks:DeleteNodegroup | Admin | |
eks:DescribeCluster | Metadata | |
eks:DescribeFargateProfile | Metadata | |
eks:DescribeNodegroup | Metadata | |
eks:DescribeUpdate | Metadata | |
eks:ListClusters | Metadata | |
eks:ListFargateProfiles | Metadata | |
eks:ListNodegroups | Metadata | |
eks:ListTagsForResource | Metadata | |
eks:ListUpdates | Metadata | |
eks:TagResource | Operator | |
eks:UntagResource | Operator | |
eks:UpdateClusterConfig | Operator | |
eks:UpdateClusterVersion | Admin | |
eks:UpdateNodegroupConfig | Admin | |
eks:UpdateNodegroupVersion | Admin | |
iam:ListRoles | Metadata | |
iam:PassRole | Admin | Admins can associate an existing EKS service-linked role to create a cluster. |