The aws-auth configmap in AWS EKS performs a mapping between IAM users/roles to kubernetes RBAC roles. However, the documentation does not specify anything on adding IAM groups to the configmap.
We use multiple namespaces, each namespace managed by a different team. I created a set of kubernetes RBAC roles, limited to the different namespaces. Now I want to give everbody in the teams IAM group that specific role.
Is it possible to add IAM groups in the aws-auth configmap? If not, what would the proposed solution be? Create a IAM role per team and allow only members of the IAM group the permission to assume that role?
