clusterawsadm bootstrap iam create-cloudformation-stack
Create or update an AWS CloudFormation stack
Synopsis
Create or update an AWS CloudFormation stack for bootstrapping Kubernetes Cluster API and Kubernetes AWS Identity and Access Management (IAM) permissions. To use this command, there must be AWS credentials loaded in this environment.
The utility will attempt to find credentials in the following order:
- Check for the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables.
- Read the default credentials from the shared configuration files ~/.aws/credentials or the default profile in ~/.aws/config.
- Check for the presence of an EC2 IAM instance profile if it’s running on AWS.
- Check for ECS credentials.
IAM role assumption can be performed by using any valid configuration for the AWS CLI at: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html. For role assumption to be used, a region is required for the utility to use the AWS Security Token Service (STS). The utility resolves the region in the following order:
- Check for the --region flag.
- Check for the AWS_REGION environment variable.
- Check for the DEFAULT_AWS_REGION environment variable.
- Check that a region is specified in the shared configuration file.
clusterawsadm bootstrap iam create-cloudformation-stack [flags]
Examples
# Create or update IAM roles and policies for Kubernetes using a AWS CloudFormation stack.
clusterawsadm bootstrap iam create-cloudformation-stack
# Create or update IAM roles and policies for Kubernetes using a AWS CloudFormation stack with a custom configuration.
clusterawsadm bootstrap iam create-cloudformation-stack --config bootstrap_config.yaml
Options
--config string clusterawsadm will load a bootstrap configuration from this file. The path may be
absolute or relative; relative paths start at the current working directory.
The configuration file is a Kubernetes YAML using the
bootstrap.aws.infrastructure.cluster.x-k8s.io/v1beta1/AWSIAMConfiguration
kind.
Documentation for this kind can be found at:
https://pkg.go.dev/sigs.k8s.io/cluster-api-provider-aws/v2/cmd/clusterawsadm/api/bootstrap/v1beta1
To see the default configuration, run 'clusterawsadm bootstrap iam print-config'.
-h, --help help for create-cloudformation-stack
--region string The AWS region in which to provision
Options inherited from parent commands
-v, --v int Set the log level verbosity. (default 2)
SEE ALSO
- clusterawsadm bootstrap iam - View required AWS IAM policies and create/update IAM roles using AWS CloudFormation