...
| Code Block | ||
|---|---|---|
| ||
eksctl utils associate-iam-oidc-provider --cluster <cluster_name> --approve |
Save Run this command to the inline IAM policy to a JSON file named cni_iam.json:
| Code Block | ||
|---|---|---|
| ||
cat > cni_iam.json <<EOT
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Deny",
"Action": "ec2:UnassignPrivateIpAddresses",
"Resource": "*"
}
]
}
EOT |
This user-defined policy denies the ability to unassign one or more secondary private IP addresses, or “IPv4 Prefix Delegation” prefixes from a network interfaceensures that the AWS CNI doesn’t unassign the IP address of your workloads running on Infrastructure Optimizer sandboxes, by denying the ability to perform such unassignments.
Use the following command to create the policy:
...