{"id":38649727,"url":"https://github.com/mjnagel/k3d-irsa","last_synced_at":"2026-01-17T09:18:33.491Z","repository":{"id":211143626,"uuid":"728260767","full_name":"mjnagel/k3d-irsa","owner":"mjnagel","description":"Resources and setup guides for using IRSA with a local k3d cluster","archived":false,"fork":false,"pushed_at":"2025-12-16T21:58:55.000Z","size":68,"stargazers_count":15,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-12-20T12:38:52.333Z","etag":null,"topics":["aws","irsa","k3d","kubernetes","opentofu","tofu"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mjnagel.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-12-06T15:11:08.000Z","updated_at":"2025-12-16T21:58:26.000Z","dependencies_parsed_at":"2025-07-29T19:25:15.586Z","dependency_job_id":null,"html_url":"https://github.com/mjnagel/k3d-irsa","commit_stats":null,"previous_names":["mjnagel/k3d-irsa"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/mjnagel/k3d-irsa","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjnagel%2Fk3d-irsa","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjnagel%2Fk3d-irsa/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjnagel%2Fk3d-irsa/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjnagel%2Fk3d-irsa/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mjnagel","download_url":"https://codeload.github.com/mjnagel/k3d-irsa/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjnagel%2Fk3d-irsa/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28505172,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-17T06:57:29.758Z","status":"ssl_error","status_checked_at":"2026-01-17T06:56:03.931Z","response_time":85,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","irsa","k3d","kubernetes","opentofu","tofu"],"created_at":"2026-01-17T09:18:33.301Z","updated_at":"2026-01-17T09:18:33.440Z","avatar_url":"https://github.com/mjnagel.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# IRSA on k3d\n\nThis repository provides resources for setting up IRSA (IAM Roles for Service Accounts) on a local k3d cluster. IRSA enables you to map AWS IAM roles to Kubernetes service accounts, allowing specific pods to securely access AWS resources. While IRSA is provided out of the box with AWS EKS clusters, it is also possible to self-host the IRSA setup on any cluster. This repository focuses specifically on how to do this for k3d clusters, although the steps can be easily adapted to k3s and RKE2 or other Kubernetes distributions.\n\n## Setup Guides\n\nChoose your preferred setup method:\n\n1. **OpenTofu** - Automated setup using Infrastructure as Code:\n   - [OpenTofu Setup](./docs/opentofu-setup.md)\n\n2. **AWS CLI** - Step-by-step manual setup:\n   - [CLI Setup](./docs/cli-setup.md)\n\n## Key Steps\n\n- Set up OIDC provider in AWS IAM\n- Configure k3d with OIDC support\n- Deploy the IRSA webhook for automatic credential injection\n- Validate by setting up an IAM role and testing usage with a pod/service account\n\n## Prerequisites\n\nEach individual setup guide has some specific prerequisites, but these are required regardless of approach:\n\n- **Kubernetes Tools**:\n  - [k3d](https://k3d.io/stable/)\n  - [kubectl](https://kubernetes.io/docs/reference/kubectl/)\n  - [Helm](https://helm.sh/)\n- **AWS Tools**:\n  - [AWS CLI](https://aws.amazon.com/cli/)\n  - AWS Account with appropriate IAM permissions\n\n## License\n\nThis project is licensed under the Apache License 2.0 - see the [LICENSE](LICENSE) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmjnagel%2Fk3d-irsa","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmjnagel%2Fk3d-irsa","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmjnagel%2Fk3d-irsa/lists"}