AWS::EKS::PodIdentityAssociation

EKS PodIdentityAssociation

An object representing an Amazon EKS PodIdentityAssociation.

Properties

8 configurable properties. 4 required. Click a row to see details.

Filter:

Property	Type	Flags
`ClusterName`	`string`	RequiredCreate-only
`Namespace`	`string`	RequiredCreate-only
`RoleArn`	`string`	Required
`ServiceAccount`	`string`	RequiredCreate-only
`DisableSessionTags`	`boolean`
`Policy`	`string`
`Tags`	`Array<Tag>`
`TargetRoleArn`	`string`

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

Attribute	Type	Description
`AssociationArn`	`string`	The ARN of the pod identity association.
`AssociationId`	`string`	The ID of the pod identity association.
`ExternalId`	`string`	The External Id of the pod identity association.

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::EKS::PodIdentityAssociation

Resources:
  MyResource:
    Type: AWS::EKS::PodIdentityAssociation
    Properties:
      ClusterName: "my-clustername"
      RoleArn: "arn:aws:service:region:account:resource"
      Namespace: "my-namespace"
      ServiceAccount: "value"
      Tags:
        - Key: Environment
          Value: Production

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

create

eks:CreatePodIdentityAssociationeks:DescribePodIdentityAssociationeks:TagResourceiam:PassRoleiam:GetRole

read

eks:DescribePodIdentityAssociation

update

eks:DescribePodIdentityAssociationeks:UpdatePodIdentityAssociationeks:TagResourceeks:UntagResourceiam:PassRoleiam:GetRole

delete

eks:DeletePodIdentityAssociationeks:DescribePodIdentityAssociation

list

eks:ListPodIdentityAssociations

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

ServiceEKS

Properties11

Required4

TaggingSupported

Primary IDAssociationArn

Supported Operations

CreateReadUpdateDeleteList

Immutable After Creation

These properties cannot be changed after the resource is created. Updating them triggers a replacement.

ClusterNameNamespaceServiceAccount

Related Resources

External Links

AWS Documentation