Create IAM Role (Service Account) and attach the policy
Run the following command
– Update <clustername> with the correct cluster name
– Update <role-name> with the role name (example: app-ebs-csi-role)
– Update or remove the <awscli-profile> depending on your configuration
eksctl create iamserviceaccount / --name ebs-csi-controller-sa / --namespace kube-system / --cluster <clustername> / --attach-policy-arn arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy / --approve / --role-only / --role-name <role-name> / --profile <awscli-profile>
Install CSI Driver
Add the AWS CSI Driver Repo
helm repo add aws-ebs-csi-driver https://kubernetes-sigs.github.io/aws-ebs-csi-driver
Update Repos
helm repo update
Install AWS CSI driver to cluster
helm upgrade --install aws-ebs-csi-driver --namespace kube-system aws-ebs-csi-driver/aws-ebs-csi-driver
Additional Documentation
- https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/docs/install.md
- https://docs.aws.amazon.com/eks/latest/userguide/csi-iam-role.html
- https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/docs/example-iam-policy.json
- https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/docs/install.md