Configure IAM

Sedai uses an agentless approach to securely access AWS resources.
Sedai programmatically connects to your cloud resources via Identity and Access Management (IAM) authentication. IAM provides granular control of your cloud environments so that you can specify user permissions to access certain resources.
IAM authentication requires the following:
Once you configure IAM from your AWS Console, you will be able to connect the account/cluster to Sedai using either the Role ARN or User Secret/Access Keys.
In addition to IAM authentication, for EKS resources you must also set up Kubernetes Role-Based Access Control (RBAC) for authorization and add the IAM Role or User to the aws-auth ConfigMap.
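A pre-apply check for the aws-auth entry described above, as an added example (not Sedai's or AWS's code): it parses a mapRoles value and flags mappings to system:masters or role ARNs that include a path. The account ID, role names and group name are constructed placeholders, and the parser handles only the common block layout of that field.

```python
import re

# Constructed sample of data.mapRoles from the aws-auth ConfigMap; the account
# ID, role names and group name are placeholders, not values from Sedai.
SAMPLE_MAP_ROLES = """\
- rolearn: arn:aws:iam::111122223333:role/ExampleSedaiRole
  username: sedai
  groups:
    - example-sedai-group
- rolearn: arn:aws:iam::111122223333:role/team/ExampleSedaiRole
  username: sedai
  groups:
    - system:masters
"""
ARN_RE = re.compile(r"arn:aws[a-z-]*:iam::\d{12}:(role|user)/(.+)$")
KV_RE = re.compile(r"(\w+):(?:\s+(.*))?$")


def parse_mappings(text):
    """Parse the block-style list used in mapRoles/mapUsers (not general YAML)."""
    entries = []
    for raw in text.splitlines():
        body = raw.strip()
        is_item = body.startswith("- ")
        body = body[2:].strip() if is_item else body
        kv = KV_RE.match(body)
        if kv and is_item:                    # "- rolearn: ..." starts a mapping
            entries.append({})
        if not body or body.startswith("#") or not entries:
            continue
        if kv:                                # "key: value", or "groups:" alone
            key, value = kv.groups()
            entries[-1][key] = [] if value is None else value.strip("\"'")
        else:                                 # "- group-name" under groups:
            entries[-1].setdefault("groups", []).append(body.strip("\"'"))
    return entries


def audit(entries):
    """Yield (arn, problem) for each mapping that needs review before applying."""
    for e in entries:
        arn = e.get("rolearn") or e.get("userarn") or ""
        m = ARN_RE.match(arn)
        if not m:
            yield arn, "not an IAM role or user ARN"
        elif m.group(1) == "role" and "/" in m.group(2):
            yield arn, "role ARN includes a path; aws-auth needs it without one"
        if "system:masters" in e.get("groups", []):
            yield arn, "mapped to system:masters (cluster-admin)"
```

To check a live cluster, pass it the output of `kubectl get configmap aws-auth -n kube-system -o jsonpath='{.data.mapRoles}'` in place of the sample.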

Configure IAM with CloudFormation

You can automatically set up IAM authentication using one of the following CloudFormation Stacks.
AWS CloudFormation simplifies provisioning and management on AWS. You can create templates for the service or application architectures you want and have AWS CloudFormation use those templates for quick and reliable provisioning of the services or applications (called “stacks”). You can also easily update or replicate the stacks as needed.
Select your preferred configuration below to launch the CloudFormation Stack from your AWS Console. This will automatically create your selected Sedai IAM policy as well as create your preferred IAM authentication method (Role or User) and attach the new policy to it.
Once the CloudFormation Stack executes, you will be able to copy either the Role ARN from the new IAM Sedai Role or the Access and Secret Key from the new IAM Sedai User. This information is required to connect your AWS account within Sedai from the Integrations page.
Alternatively, you can manually create the IAM policy and the IAM Role or IAM User from within your AWS Console.

Resources