trackiam
kiam
Our great sponsors
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
trackiam
-
Plan using ReadOnlyAccess
Is it possible to reasonably plan but not apply with https://github.com/glassechidna/trackiam/blob/master/policies/ReadOnlyAccess.json ?
- Minimal IAM policy for a (read-only) plan on AWS?
- AWS IAM Tracker
-
AWS federation comes to GitHub Actions
Shoutouts to Aidan, he always manages to dig up some real obscure AWS insights!
I can recommend checking out his trackiam project too: https://github.com/glassechidna/trackiam
kiam
-
AWS Access Keys - A Reference
IMDS for the underlying nodes, if EKS on EC2 is deployed and kiam or similar isn't deployed
-
Application using multiple aws users
Take a look at this GitHub project- https://github.com/uswitch/kiam
- 5 Razones de por qué aprender EKS practicando
-
5 Reasons why to learn EKS practicing
There are multiple solutions for this like Kube2IAM, KIAM, and IAM Roles for Service Accounts which, if we are in AWS and EKS (running in EC2 instances), this one is my go-to 😎.
-
[AWS-EFS][IAM] AWS EFS CSI instructions say to use a service account w/ IAM role association, but is it possible with KIAM instead?
How Kiam provides a pod with the AWS role credentials is by intercepting API calls to the metadata service (technical details here & here).
What are some alternatives?
aws-runas - aws-runas rewritten in Go
amazon-eks-pod-identity-webhook - Amazon EKS Pod Identity Webhook
aws-cct - AWS Cost Comparison Tool - Moved to https://gitlab.agodadev.io/partnertech/aws-cct
kube2iam - kube2iam provides different AWS IAM roles for pods running on Kubernetes
aws-redis-iam-auth-golang - Using IAM authentication for Redis on AWS
aws-efs-csi-driver - CSI Driver for Amazon EFS https://aws.amazon.com/efs/
vault-demo
kube-secrets-init - Kubernetes mutating webhook for `secrets-init` injection
aws
aws-sdk-go - AWS SDK for the Go programming language.
awsdtc - AWS Data Transfer Cost Explorer
client-go - Go client for Kubernetes.