EKS Permissions

EKS actions require some additional IAM configuration to create a cluster and access it.


  • EKS clusters need an associated service-linked EKS Role to access other AWS services. If such a role does not already exist in the account, Create EKS Role provides instructions on how to create it.

Managing existing Kubernetes cluster with Fylamynt


Create Role for EKS Control

  • In the IAM Console, click on `Create role`

  • Select AWS service on the next screen

  • Pick EKS as the service

  • Pick EKS - Cluster as the specific use case in the lower half of the page

  • Click on Next: Tags and add any tags that you want

  • Add a Role name, save.

  • Search for the Role name on the next screen and click on it

  • Note down the Role ARN

Add Inline Policy to Target Account

  • Find the target account in the IAM console:

  • Click on Add inline policy

  • Click on Choose a service, enter IAM in the search box, then select IAM

  • Click on the Chevron for Write, select PassRole

  • Once PassRole is selected, specify the role resource ARN by clicking on the Resources chevron

  • Click on Add ARN

  • Enter the full ARN from the Role ARN noted earlier, click on Add.

  • Click on Review policy

  • Click on Create policy

Configure the Resource

  • Navigate to Settings > Resource > EKS Permissions.

  • Click Manage EKS Permissions to create an integration instance.

  • Click on Add New

Details needed to provide EKS Permissions to Fylamynt:




Account Alias

Target account in which to perform EKS operations



Reference name for this instance. This will show up in resource menus for EKS actions


Assume Role ARN

The Role ARN from Create Role for EKS Control


Sample EKS Permission:

Integration Actions

Deploy Cluster

The action can be used to create/deploy an EKS Cluster.

The role_arn parameter should match the one from Create Role for EKS Control. The alias should match an alias with the additional inline policy applied.

Last updated