You may well have solved this challenge long before I attempted it. Still, I always wanted to go through the process myself: it has many angles, and learning the details intrigues me.
This version, however, does not use any cloud provider. Specifically, where I diverge from the original challenge is in the tooling:
Vagrant & VirtualBox: for the nodes of the cluster
Ansible: for configuring everything until the cluster is ready
Cilium: as the CNI plugin and as a replacement for kube-proxy
So, here is my story of how I solved the famous "Kubernetes The Hard Way" by the great Kelsey Hightower. Stay tuned if you're interested in the details.