We have many options to get cross-account access to resources, but when talking about the Kubernetes cluster, things can get a little bit tricky! So, in this blog, I'll share a solution to do it in the safest way using the principle of least privilege. A typical scenario is to have two accounts, Account A, with an EKS cluster and Account B with an S3 bucket (example_bucket) that needs to be accessed by a pod from account A.
We have many options for this: We can create a bucke
It is annoying to finally deploy our application in an EKS cluster to get the eternal “pending” state of our pods. There are several reasons that might get a pod in a pending state; most of them are related to computing resource limits, but some others are related to IP address limits in our worker nodes. However, reaching this kind of limit is an easy problem to solve. You can find the right type of instance for your Kubernetes workloads by checking this handy document provi