Skip to content



Access to EKS is usually achieved via IAM roles. These could be either custom IAM roles that you define, or SSO roles that AWS takes care of creating and managing.


Granting different kinds of access to IAM roles can be done as shown here where you can define classic IAM roles or SSO roles. Note however that, since the latter are managed by AWS SSO, they could change if they are recreated or reassigned.

Now, even though granting access to roles is the preferred way, keep in mind that that is not the only way you can use. You can also grant access to specific users or to specific accounts.