Apply changes to IAM role gathering for EKS Admin

aws-samkool · aws-samkool · commit 7dae3a6d7153 · 2024-09-06T17:18:07.000+02:00
diff --git a/README.md b/README.md
@@ -22,14 +22,7 @@ Before deploying the POSIT-SCE on AWS EKS, ensure you have the following prerequ
 
 ## Getting Started
 
-1. Clone this repository:
-
-   ```bash
-   mwinit #Make sure you are authenticated into Midway TODO: Remove before publish
-   git clone git@ssh.gitlab.aws.dev:open-source/posit-sce.git
-   cd posit-sce
-   ```
-
+1. Clone this repository
 2. Install the required dependencies:
 
     ```bash
@@ -44,7 +37,12 @@ Before deploying the POSIT-SCE on AWS EKS, ensure you have the following prerequ
     npm install
    ```
 
-   Be sure to authenticate the AWS CLI, please see [this link](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html) for guidance.
+   Be sure to authenticate the AWS CLI, please see [this link](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html) for guidance. Make sure to note down the (or one of) the IAM Role ARN's the CLI has assumed or that the IAM user has been assigned. 
+   This role is required in the setup to provide administrative rights to the current session for configuration of the Kubernetes cluster. 
+   You can find out which user or role is assumed via the following command:
+   ```
+   aws sts get-caller-identity
+   ```
    &nbsp;
 
 3. Deploy the POSIT-SCE on AWS EKS:
diff --git a/run.sh b/run.sh
@@ -3,14 +3,10 @@
 gather_parameters_deploy() {
     read -p "Deployment identifier [posit-sce]: " stack_name
     stack_name=${stack_name:-posit-sce}
-    ROLE_ARN=$(aws sts get-caller-identity --output text --query 'Arn')
-    echo "Do you want to use the following role for Admin rights to the EKS Cluster?"
-    echo "Role: $ROLE_ARN"
-    if ! read_yes_no; then
-        read -p "What is the role ARN: " role
-        ROLE_ARN=$role
-    fi
-    export CURRENT_ROLE_ARN=$ROLE_ARN
+    echo "Please provide the IAM Role that is assigned to the current authenticated user."
+    echo "This role will be granted Admin rights on the EKS cluster for the setup."
+    read -p "ARN: " role
+    export CURRENT_ROLE_ARN=$role
     export ssl=false
     export domain=false
     echo "Do you want to use a custom domain name?"
@@ -76,6 +72,7 @@ check_aws_authentication() {
     current_region=$(aws ec2 describe-availability-zones --output text --query 'AvailabilityZones[0].[RegionName]')
     if [[ $? -eq 0 ]]; then
         echo "AWS CLI is authenticated."
+        echo "Admin Role: $CURRENT_ROLE_ARN"
         echo "Account Number: $aws_identity"
         echo "The selected AWS Region is: $current_region"
     else
