1. Create an S3 bucket in the same region as your cluster (replace
   YOUR-BUCKET-NAME with a name of your choice):

       aws s3 mb s3://YOUR-BUCKET-NAME

2. Enable versioning (replace YOUR-BUCKET-NAME with the name you
   chose in the previous step):

       aws s3api put-bucket-versioning --bucket YOUR-BUCKET-NAME --versioning-configuration Status=Enabled

3. Find the name of the role used by the nodes (replace
   YOUR-CLUSTER-NAME with the name you gave your cluster):

       aws eks describe-nodegroup --cluster-name YOUR-CLUSTER-NAME --nodegroup-name linux-nodes --query "nodegroup.nodeRole" --output text

4. In the IAM console, find the role discovered in the previous
   step. Create a new inline policy (highlighted in the screenshot below) using the
   JSON content below (replace YOUR-BUCKET-NAME with the name you
   chose in step 1):

       {
         "Version": "2012-10-17",
         "Statement": [
           {
             "Action": [
               "s3:DeleteObject",
               "s3:PutObject",
               "s3:GetObject"
             ],
             "Resource": "arn:aws:s3:::YOUR-BUCKET-NAME/*",
             "Effect": "Allow"
           }
         ]
       }

The end result should resemble the screenshot below.
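
The inline-policy step can also be done from the CLI instead of the IAM console. The script below is an added example, not part of the original page: it turns the role ARN returned by `describe-nodegroup` into the role name that `aws iam put-role-policy` expects, and refuses bucket names that would widen the policy's `Resource`. The policy name `node-s3-objects` is an assumption; pick any name you like.

```bash
#!/usr/bin/env bash
# Added example: CLI equivalent of the console step (not from the original page).
POLICY_NAME="node-s3-objects"   # assumed name for the inline policy

# describe-nodegroup returns the role ARN; put-role-policy wants the role
# *name*, which is the last path segment of that ARN.
role_name_from_arn() {
  case "$1" in
    arn:aws*:iam::*:role/*) printf '%s\n' "${1##*/}" ;;
    *) echo "not an IAM role ARN: $1" >&2; return 1 ;;
  esac
}

# Accept only a plain bucket name, so a wildcard or stray ARN text can never
# widen the Resource beyond the one bucket.
valid_bucket_name() {
  case "$1" in
    *[!a-z0-9.-]*|[.-]*|*[.-]) return 1 ;;
  esac
  [ "${#1}" -ge 3 ] && [ "${#1}" -le 63 ]
}

# Print the policy from step 4 for the given bucket.
render_policy() {
  valid_bucket_name "$1" || { echo "invalid bucket name: $1" >&2; return 1; }
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    { "Action": ["s3:DeleteObject", "s3:PutObject", "s3:GetObject"],
      "Resource": "arn:aws:s3:::$1/*",
      "Effect": "Allow" }
  ]
}
EOF
}

attach_bucket_policy() {  # args: cluster name, bucket name
  local arn role policy
  arn=$(aws eks describe-nodegroup --cluster-name "$1" --nodegroup-name linux-nodes \
          --query "nodegroup.nodeRole" --output text) || return 1
  role=$(role_name_from_arn "$arn") || return 1
  policy=$(render_policy "$2") || return 1
  aws iam put-role-policy --role-name "$role" \
    --policy-name "$POLICY_NAME" --policy-document "$policy" || return 1
  # Read the policy back to confirm what is actually attached to the role.
  aws iam get-role-policy --role-name "$role" --policy-name "$POLICY_NAME"
}

# Runs only when invoked as: script.sh YOUR-CLUSTER-NAME YOUR-BUCKET-NAME
if [ "$#" -eq 2 ]; then attach_bucket_policy "$1" "$2"; fi
```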