Amazon EKS Concepts

From NovaOrdis Knowledge Base

Internal

Overview

EKS Cluster

Control Plane

EKS Worker Node

EKS Worker Node IAM Role

Amazon EKS-optimized AMI

Worker Node Group

Node Group Name

Managed Worker Node Group

Cluster Service Role

Cluster Autoscaler

Cluster Endpoint

AWS Infrastructure Requirements

TODO: Topology diagram

Cluster VPC

Subnets

Security Groups

A dedicated security group for each cluster control plane is recommended.

EKS Platform Versions and Kubernetes Versions

Amazon EKS platform version.

Integration with ECR

Logging

Control Plane Logging

SLA

https://aws.amazon.com/eks/sla/

aws-iam-authenticator

Page 17.

aws-iam-authenticator Operations

aws-iam-authenticator

.kube/config Configuration

AWS documentation refers to the Kubernetes configuration file as "kubeconfig".

.kube/config

EKS Security

EKS IAM Permissions

These are technically "actions", but they are commonly referred to as "permissions", which implies that the action is part of a formal permission construct associated with the entity requiring it.

  • eks:DescribeCluster