• AWS Console: Assuming roles

    2 min read

    AWS console IAM role assume

    If you are working with Amazon Web Services (AWS), you may have heard the term "assuming a role" in the context of one role using another role. This phrase refers to the process of temporarily taking on a specific set of permissions or privileges within an AWS account, in order to perform certain actions or access specific resources.

    Since when we are using the AWS console we are using a specific role to have access, we can assume another role as well.


  • Lambda functions: Allow lambda function to use VPC

    2 min read

    AWS Lambda IAM

    Lambda functions sometimes might need to interact with other AWS services that depending on how we are configuring it might need some explicit permissions to be set.


  • Enforce resource tagging on AWS using an IAM policy

    2 min read

    It is good practice to tag all the resources on AWS to be able to better keep track of them: Using these tags we can have a better understanding of where we are spending our money into. So, we might want to enforce tagging to the resources: This is something we can achieve using an IAM policy


  • Testing assume-role using AWS CLI

    2 min read

    Once you have configured that one role can assume another role from another account you might want to actually test that you are able to do it. With aws sts you will be able to assume a role


  • IRSA: IAM role to ServiceAccount

    1 min read

    For EKS cluster there was kube2iam for providing IAM credentials to containers running inside a kubernetes cluster that required a DaemonSet to be deployed. With IRSA (IAM Role to ServiceAccount) we can link IAM roles to ServiceAccounts



From pet to cattle
Treat your kubernetes clusters like cattle, not pets