Amazon EKS Create and Delete Cluster: Difference between revisions

From NovaOrdis Knowledge Base

Revision as of 22:29, 3 September 2020

External

Internal

Creation Procedure

Create a dedicated IAM role following the procedure described here. Use the "EKS - Cluster" use case.


Make sure the IAM user you are going to call into the cluster (arn:aws:iam::999999999999:user/some.user) has sts:AssumeRole for the IAM role. This is how to enable an IAM User to assume an IAM Role.


Create a VPC using the pre-defined CloudFormation stack as described here: https://docs.aws.amazon.com/eks/latest/userguide/getting-started-console.html

Write down the name of the stack, as it may be needed to delete the resources.

Record the VpcId, SecurityGroups and SubnetId values.


  • Create the cluster. From the Console → EKS → Create Cluster:
    • Cluster Service Role
    • Next
    • VPC
    • Subnets (all existing are preselected)
    • Security groups: use Control Plane Security Group.
    • Cluster Endpoint Access
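
Before creating the cluster, the IAM step at the top of this procedure can be checked offline. The following is an added example, not part of the original page: it inspects a role trust policy and a user policy and reports what is missing. The role name, the sample policy documents and all function names are constructed for illustration. It assumes plain Action/Resource statements and does not evaluate Condition, NotAction, NotResource or permission boundaries.

```python
from fnmatch import fnmatchcase

ROLE_ARN = "arn:aws:iam::999999999999:role/example-eks-cluster-role"  # hypothetical role name
USER_ARN = "arn:aws:iam::999999999999:user/some.user"  # placeholder ARN from the page
# Constructed sample policy documents (not taken from a real account).
TRUST_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"Service": "eks.amazonaws.com"}, "Action": "sts:AssumeRole"},
    {"Effect": "Allow", "Principal": {"AWS": USER_ARN}, "Action": "sts:AssumeRole"}]}
USER_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["sts:AssumeRole"], "Resource": ROLE_ARN}]}

def as_list(value):  # IAM accepts a scalar or a list for Statement, Action, Resource, Principal
    return value if isinstance(value, list) else [value]

def names_assume_role(stmt):
    """Action names are case-insensitive and may be wildcards such as 'sts:*'."""
    return any(fnmatchcase("sts:assumerole", a.lower()) for a in as_list(stmt.get("Action", [])))

def user_may_assume(identity_policy, role_arn):
    """An Allow must match and no Deny may match (Condition blocks are ignored here)."""
    effects = {s["Effect"] for s in as_list(identity_policy["Statement"]) if names_assume_role(s)
               and any(fnmatchcase(role_arn, r) for r in as_list(s.get("Resource", [])))}
    return effects == {"Allow"}

def trusted_principals(trust_policy):
    """Set of (kind, value) principals the trust policy allows to call sts:AssumeRole."""
    found = set()
    for stmt in as_list(trust_policy["Statement"]):
        if stmt.get("Effect") == "Allow" and names_assume_role(stmt):
            principal = stmt.get("Principal", {})
            principal = {"AWS": "*"} if principal == "*" else principal
            for kind, values in principal.items():
                found.update((kind, v) for v in as_list(values))
    return found

def check_role_setup(trust_policy, identity_policy, user_arn, role_arn):
    """Return a list of problems; an empty list means both sides line up."""
    problems, principals = [], trusted_principals(trust_policy)
    account = user_arn.split(":")[4]
    if ("Service", "eks.amazonaws.com") not in principals:
        problems.append("role does not trust eks.amazonaws.com")
    if not principals & {("AWS", user_arn), ("AWS", account), ("AWS", f"arn:aws:iam::{account}:root")}:
        problems.append("trust policy does not name the user or its account")
    if ("AWS", "*") in principals:
        problems.append("trust policy allows any AWS principal")
    if not user_may_assume(identity_policy, role_arn):
        problems.append("user policy does not allow sts:AssumeRole on the role")
    return problems
```

The check is stricter than IAM itself: it expects both the trust policy and the user's own policy to grant the call, and it treats any matching Deny as final.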

Deletion Procedure

Delete the cluster.

Remove the associated resources by running Delete on the CloudFormation stack used to create resources.