Blenra
Optimized for: Gemini / ChatGPT / Claude

Advanced AI Prompt for AWS EKS Service Account (IRSA) Least-Privilege

Use this engineered prompt to drastically optimize your workflow and output.

Required Variables

  • [OIDC_PROVIDER_URL]
  • [NAMESPACE]
  • [SERVICE_ACCOUNT_NAME]
  • [KMS_KEY_ARN]
advanced-ai-prompt-eks-irsa-iam-policy.txt
Develop an IAM policy and a Trust Relationship for an AWS EKS Service Account using IRSA. The policy must allow the pod to only perform 'kms:Decrypt' using the specific key [KMS_KEY_ARN]. The Trust Relationship must verify the OIDC provider [OIDC_PROVIDER_URL] and ensure the subject matches 'system:serviceaccount:[NAMESPACE]:[SERVICE_ACCOUNT_NAME]'. Ensure no other service accounts in the cluster can assume this role.

Example Output

"The AI provides a two-part JSON response: the scoped KMS IAM policy and the OIDC-verified trust policy for the IAM role."