in cmd/resource/k8sauth.go [297:325]
func createIamAuth(sess *session.Session, svc eksiface.EKSAPI, model *Model) error {
// get kubernetes api client
clientset, err := CreateKubeClientEks(sess, svc, model.Name)
if err != nil {
return err
}
// add Role, RoleBinding and Group
err = putAwsAuthAdminRole(clientset)
if err != nil {
return err
}
// Add caller to authmap, so that we have permissions to perform updates to auth map.
authMap := &IamAuthMap{}
authMap, err = authMap.addCaller(sess)
if err != nil {
return err
}
// add iam entities from model
authMap = authMap.addFromModel(model)
// create aws-auth configmap
err = authMap.PushConfigMap(clientset)
if err != nil {
return err
}
return nil
}