efs 공식문서
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Federated": "arn:aws:iam::${your_account_id}:oidc-provider/oidc.eks.${region}.amazonaws.com/id/${OpenID Connect provider}"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"oidc.eks.${region}.amazonaws.com/id/${OpenID Connect provider}:aud": "sts.amazonaws.com",
"oidc.eks.${region}.amazonaws.com/id/${OpenID Connect provider}:sub": "system:serviceaccount:${name space}:${service account}"
}
}
}
]
}
공식 레포 602401143452
$ helm repo add aws-efs-csi-driver https://kubernetes-sigs.github.io/aws-efs-csi-driver/
$ helm pull aws-efs-csi-driver/aws-efs-csi-driver --version 2.5.0
$ tar xvf aws-efs-csi-driver-2.5.0.tgz
$ vi values.yaml
image:
repository: 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/eks/aws-efs-csi-driver
sidecars:
livenessProbe:
image:
repository: 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/eks/livenessprobe
nodeDriverRegistrar:
image:
repository: 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/eks/csi-node-driver-registrar
tag: v2.8.0-eks-1-27-3
pullPolicy: IfNotPresent
csiProvisioner:
image:
repository: 602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/eks/csi-provisioner
tag: v3.5.0-eks-1-27-3
pullPolicy: IfNotPresent
controller:
serviceAccount:
create: false
$ helm upgrade --install aws-efs-csi-driver ./aws-efs-csi-driver -n kube-system --values ./aws-efs-csi-driver/onboarding_values.yaml
