Skip to content

EKS Storage with EBS - Elastic Block Store

Step-01: Introduction

  • Create IAM Policy for EBS
  • Associate IAM Policy to Worker Node IAM Role
  • Install EBS CSI Driver

Step-02: Create IAM policyy

  • Go to Services -> IAM
  • Create a Policy
  • Select JSON tab and copy paste the below JSON
      "Version": "2012-10-17",
      "Statement": [
          "Effect": "Allow",
          "Action": [
          "Resource": "*"
  • Review the same in Visual Editor
  • Click on Review Policy
  • Name: Amazon_EBS_CSI_Driver
  • Description: Policy for EC2 Instances to access Elastic Block Store
  • Click on Create Policy

Step-03: Get the IAM role Worker Nodes using and Associate this policy to that role

# Get Worker node IAM Role ARN
kubectl -n kube-system describe configmap aws-auth

# from output check rolearn
rolearn: arn:aws:iam::180789647333:role/eksctl-eksdemo1-nodegroup-eksdemo-NodeInstanceRole-IJN07ZKXAWNN
- Go to Services -> IAM -> Roles - Search for role with name eksctl-eksdemo1-nodegroup and open it - Click on Permissions tab - Click on Attach Policies - Search for Amazon_EBS_CSI_Driver and click on Attach Policy

Step-04: Deploy Amazon EBS CSI Driver

  • Verify kubectl version, it should be 1.14 or later
    kubectl version --client --short
  • Deploy Amazon EBS CSI Driver
    # Deploy EBS CSI Driver
    kubectl apply -k ""
    # Verify ebs-csi pods running
    kubectl get pods -n kube-system

AWS EKS - Elastic Kubernetes Service - Masterclass