Releasing IAM EKS User Mapper in open-source
So, why did we decide to build this? Well, at Qovery, we saw how tedious and error-prone it can be to manually handle cluster access. We thought, "There's got to be a better way!" And thus, the IAM EKS User Mapper was born, crafted with love in Rust 🦀. Why Rust, you ask? It's simple: for its unparalleled performance and reliability. We wanted a tool as robust and dependable as your needs.
Here’s a sneak peek into what makes this tool a must-have:
- Group Users Sync: Say goodbye to the hassle of manually updating access rights. This feature automatically syncs IAM users from groups directly into your Kubernetes cluster’s aws-auth configmap. It's all about making your life easier.
- SSO Support: We know how crucial SSO is for secure and efficient access management. That’s why our tool supports SSO roles in the aws-auth configmap, making it a breeze for users to connect to the cluster.
By open-sourcing the IAM EKS User Mapper, we’re inviting you to join in, contribute, and help shape the future of Kubernetes access management. Whether you're bug hunting, suggesting new features, or coding up a storm, we’re here for it and appreciate your input.
We’d love to hear from you. How do you currently handle Kubernetes cluster access? Any challenges or tips you'd like to share? Your experiences and feedback are gold to us. Please use this reddit thread or open an issue on GitHub if you want to share your experience.
In a nutshell, the IAM EKS User Mapper is our way of making Kubernetes management a little less stressful and a lot more secure. We can’t wait to see how you use it and make it even better.
Repository: IAM EKS User Mapper Repository
.svg)
.svg)
.svg)
Suggested articles
At enterprise scale, managing provider-specific Kubernetes YAML across multiple clouds creates crippling configuration drift and operational toil. By adopting an agentic Kubernetes management platform, infrastructure teams abstract cloud-specific configurations (like ingress controllers and storage classes) into a single, declarative intent that automatically reconciles across 1,000+ clusters.
To stop GPU costs from destroying SaaS margins, teams must transition from static to consumption-based infrastructure by utilizing Karpenter for dynamic provisioning, maximizing hardware density with NVIDIA MIG, and leveraging Qovery to tie scaling directly to business metrics.
AI is helping developers write more code, faster than ever. But writing code is only half the story. What happens after? Building, deploying, debugging, scaling. That's where teams still lose hours.We're building Qovery for this era. Not just to deploy your code, but to make everything that comes after writing it just as fast.
By adopting GitOps and utilizing management platforms like Qovery, fintech teams can automatically generate DORA-compliant audit trails, transforming regulatory compliance from a manual, time-consuming chore into an automated, native byproduct of their infrastructure.
Kubernetes success is determined by Day 2 execution, not Day 1 deployment. While migration is a bounded project, maintenance is an infinite loop that often consumes 40% of senior engineering capacity. To protect margins and velocity, enterprises must transition from manual toil to agentic automation that handles scaling, security, and cost.
Day-0 is planning, Day-1 is deployment, and Day-2 is the infinite lifecycle of maintenance. While Day-0/1 are foundational, Day-2 is where enterprise operational debt accumulates. At fleet scale (1,000+ clusters), managing these differences manually is impossible, requiring agentic automation to maintain stability and eliminate toil.
.webp)