fieldju/kube2iam — explained in plain English
Analysis updated 2026-07-17 · repo last pushed 2020-05-04
Give each pod only the AWS permissions it specifically needs.
Prevent a compromised container from stealing another pod's AWS credentials.
Run multiple teams' services on one shared Kubernetes cluster safely.
Restrict which AWS role a pod can assume via a simple annotation.
| fieldju/kube2iam | 0verflowme/alarm-clock | 0xhassaan/nn-from-scratch | |
|---|---|---|---|
| Stars | — | — | 0 |
| Language | — | CSS | Python |
| Last pushed | 2020-05-04 | 2022-10-03 | — |
| Maintenance | Dormant | Dormant | — |
| Setup difficulty | hard | easy | moderate |
| Complexity | 4/5 | 2/5 | 4/5 |
| Audience | ops devops | vibe coder | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires configuring AWS IAM role assumption and running as a privileged daemon on every cluster node.
Gives each Kubernetes pod its own scoped AWS permissions instead of letting all pods on a machine share the same broad access.
Dormant — no commits in 2+ years (last push 2020-05-04).
The README does not state a license.
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
double-check against the repo, no cap.