Give AWS IAM Role to a pod running in GKE (Google Kubernetes Engine)


Amir Mehler

I would like to move a pod from an AWS-hosted K8s cluster to GKE (Google). The problem is that on a GKE instance I don't have the AWS metadata in order to assume an IAM role (obviously). But I guess I can do something similar to kube2iam in order to allow the pods to assume roles as if they were running inside AWS. Meaning, to run a daemonset that would simulate the access to the metadata for the pods. I already have a VPN set up between the clouds.

Has anyone done this already?
