In environments where the cloud identity and access management (IAM) APIs are not reachable, or the administrator prefers not to store an administrator-level credential secret in the cluster kube-system namespace, you can put the Cloud Credential Operator (CCO) into manual mode before you install the cluster.
-
To learn how to use the CCO utility (
ccoctl) to configure the CCO to use the AWS STS, see Using manual mode with STS.
-
To learn how to rotate or remove the administrator-level credential secret after installing {product-title}, see Rotating or removing cloud provider credentials.
-
For a detailed description of all available CCO credential modes and their supported platforms, see About the Cloud Credential Operator.
-
Install an {product-title} cluster:
-
Installing a cluster quickly on AWS with default options on installer-provisioned infrastructure
-
Install a cluster with cloud customizations on installer-provisioned infrastructure
-
Install a cluster with network customizations on installer-provisioned infrastructure
-
Installing a cluster on user-provisioned infrastructure in AWS by using CloudFormation templates
-