Using IAM Roles with STS in ROSA Container App

Zhimin Wen
5 min read · Feb 27, 2024

Similar to the way IAM roles are used in an EC2 instance, we can give a container application in ROSA IAM roles to access AWS resources.

In ROSA, the service account token of the pod is issued by the OpenID Connect (OIDC) identity provider registered in AWS. We can then use this token to authenticate to the AWS Security Token Service (STS) and get temporary IAM role access to…
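The trust check behind this exchange, as an added example that is not code from the original article: a simplified model of how a role's trust policy is matched against the claims in a pod's service account token, plus a check for statements that do not pin the `sub` claim to one service account. It handles only `Allow` statements with `StringEquals`; the issuer, account ID, namespace, service account name and audience are constructed placeholders.

```python
import base64, json

def jwt_claims(token: str) -> dict:
    """Decode a JWT payload for inspection only; the signature is NOT verified here."""
    body = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))

def as_list(v):
    return v if isinstance(v, list) else [v]

def trust_allows(policy: dict, claims: dict) -> bool:
    """Simplified model of the role trust check: Allow statements, StringEquals only."""
    issuer = claims["iss"].removeprefix("https://")
    for st in policy["Statement"]:
        if st.get("Effect") != "Allow" or "sts:AssumeRoleWithWebIdentity" not in as_list(st["Action"]):
            continue
        if not st["Principal"].get("Federated", "").endswith(":oidc-provider/" + issuer):
            continue
        conds = st.get("Condition", {}).get("StringEquals", {})
        # Every condition key must be "<issuer>:<claim>" and the claim must equal an allowed value.
        if all(k.startswith(issuer + ":")
               and set(as_list(claims.get(k[len(issuer) + 1:], []))) & set(as_list(v))
               for k, v in conds.items()):
            return True
    return False

def unscoped_statements(policy: dict) -> list:
    """Indexes of web-identity statements with no ':sub' condition (any service account matches)."""
    return [i for i, st in enumerate(policy["Statement"])
            if "sts:AssumeRoleWithWebIdentity" in as_list(st["Action"])
            and not any(k.endswith(":sub")
                        for k in st.get("Condition", {}).get("StringEquals", {}))]

# --- constructed sample data (placeholder issuer, account id, namespace, names) ---
ISSUER = "oidc.example.invalid/cluster-id"

def sample_token(sub: str) -> str:
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    payload = {"iss": "https://" + ISSUER, "sub": sub, "aud": ["openshift"]}
    return ".".join([enc({"alg": "RS256"}), enc(payload), "sig"])

def sample_policy(with_sub: bool) -> dict:
    cond = {ISSUER + ":sub": "system:serviceaccount:my-app:my-sa"} if with_sub else {}
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": "sts:AssumeRoleWithWebIdentity",
        "Principal": {"Federated": "arn:aws:iam::111122223333:oidc-provider/" + ISSUER},
        "Condition": {"StringEquals": cond}}]}

if __name__ == "__main__":
    other = jwt_claims(sample_token("system:serviceaccount:other-ns:default"))
    print(trust_allows(sample_policy(True), other), trust_allows(sample_policy(False), other))
```

A trust policy without the `sub` condition accepts the token of any service account in the cluster, which is why `unscoped_statements` is worth running over role trust policies before they are attached to workloads.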
