Create an OIDC identity provider

To create an IAM OIDC identity provider for your cluster with eksctl

To use IAM roles for service accounts in your cluster, you must create an OIDC identity provider in the IAM console.

  • Check that your eksctl version is at least 0.5.1
eksctl version

[ℹ] version.Info{BuiltAt:"", GitCommit:"", GitTag:"0.5.3"}

If your eksctl version is lower than 0.5.1, upgrade it by following Installing or Upgrading eksctl in the user guide.

  • Create your OIDC identity provider for your cluster
eksctl utils associate-iam-oidc-provider --name eksworkshop-eksctl --approve

[ℹ] using region {AWS_REGION}
[ℹ] will create IAM Open ID Connect provider for cluster "eksworkshop-eksctl" in "{AWS_REGION}"
[✔] created IAM Open ID Connect provider for cluster "eksworkshop-eksctl" in "{AWS_REGION}"

If you go to Identity Providers in the IAM console, you will see that an OIDC provider has been created for your cluster.

OIDC Identity Provider
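
One way to script the two checks in this procedure, the 0.5.1 version floor and confirming afterwards that IAM holds a provider for this cluster's issuer, as an added example that is not part of the workshop. The helper names are hypothetical; it assumes the AWS CLI is installed and that a provider ARN ends in the issuer URL without its https:// prefix.

```sh
#!/bin/sh
# Added example, not part of the workshop. Helper names are hypothetical.

# version_ge A B: succeed when dotted numeric version A >= B (0.10.0 > 0.5.1).
version_ge() {
  for v in "$1" "$2"; do
    case $v in ''|*[!0-9.]*) return 2 ;; esac   # digits and dots only
  done
  a=$1 b=$2
  for n in 1 2 3; do
    x=${a%%.*} y=${b%%.*}
    [ "${x:-0}" -gt "${y:-0}" ] && return 0
    [ "${x:-0}" -lt "${y:-0}" ] && return 1
    case $a in *.*) a=${a#*.} ;; *) a=0 ;; esac
    case $b in *.*) b=${b#*.} ;; *) b=0 ;; esac
  done
  return 0
}

# eksctl_tag: read `eksctl version` output on stdin, print the GitTag value.
eksctl_tag() { sed -n 's/.*GitTag:"\([0-9][0-9.]*\)".*/\1/p' | head -n 1; }

# issuer_has_provider ISSUER_URL: read IAM OIDC provider ARNs (one per line) on
# stdin; succeed only when one matches this cluster's issuer exactly.
issuer_has_provider() {
  want=${1#https://}
  [ -n "$want" ] || return 2
  sed 's#^arn:[^:]*:iam::[0-9]*:oidc-provider/##' | grep -Fxq -- "$want"
}

# check_cluster NAME: live check; needs eksctl and the AWS CLI with credentials.
check_cluster() {
  tag=$(eksctl version | eksctl_tag)
  version_ge "$tag" 0.5.1 || { echo "eksctl '$tag' not >= 0.5.1 or not parsed" >&2; return 1; }
  issuer=$(aws eks describe-cluster --name "$1" \
    --query cluster.identity.oidc.issuer --output text) || return 1
  aws iam list-open-id-connect-providers \
    --query 'OpenIDConnectProviderList[].Arn' --output text | tr '\t' '\n' |
    issuer_has_provider "$issuer" ||
    { echo "no IAM OIDC provider for $issuer" >&2; return 1; }
  echo "IAM OIDC provider present for $issuer"
}

# Runs only when a cluster name is given, e.g.: sh check.sh eksworkshop-eksctl
if [ "$#" -gt 0 ]; then check_cluster "$1"; fi
```

The exact match in `issuer_has_provider` matters in accounts with several clusters: a substring match could accept another cluster's provider and hide the fact that this cluster has none.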