gopaddle offers a pre-defined Cloud Formation Template to create Roles to associate with the AWS EKS master and Node pool. While creating an AWS EKS cluster through gopaddle, you will be provided with an option to create a Role.
In the cluster creation wizard, click the Create option next to the Role ARN to take you to the AWS Console to create a Stack. If you are not already logged in to the AWS Console, login using the IAM User that was used to register the AWS Cloud Account or with the root login.
This feature to create IAM Role manually helps to keep track of any changes to the IAM Roles with complete transparency.
Steps to Create an IAM Role
- gopaddle uses 3 different templates to create a Master Role and a Node Pool Role.
You can review the templates here :
- Master Role Template : https://gopaddle-public-us-east-1.s3.amazonaws.com/cloudformation/clusterrole.yaml
- Node Pool template : https://gopaddle-public-us-east-1.s3.amazonaws.com/cloudformation/nodegrouprole.yaml (used for both managed and custom AMI node pools)
- Storidge Node Pool template : https://gopaddle-public-us-east-1.s3.amazonaws.com/cloudformation/eks-storidge-role.yaml
2. Proceed with the default values and select Next
3. The stack name is automatically generated by gopaddle every time a new stack is created. Proceed with the default and select Next.
4. Confirm the changes by clicking on the Check box and then choose Create Stack.
5. Once the stack is created, copy the ARN from the output section.
Master and Node pool Roles are not managed by gopaddle. Hence the corresponding role needs to be deleted manually once a cluster or a node pool is deleted.