From 3774fc5706578d5346b5b7e7fa6a24e2cda6868c Mon Sep 17 00:00:00 2001 From: "marie.mcallister" Date: Mon, 2 Sep 2024 13:16:52 -0700 Subject: [PATCH] join token step - feedback --- .../pages/enroll-resources/machine-id/deployment/kubernetes.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/pages/enroll-resources/machine-id/deployment/kubernetes.mdx b/docs/pages/enroll-resources/machine-id/deployment/kubernetes.mdx index a45f32963252..8038acbaa3f1 100644 --- a/docs/pages/enroll-resources/machine-id/deployment/kubernetes.mdx +++ b/docs/pages/enroll-resources/machine-id/deployment/kubernetes.mdx @@ -125,7 +125,7 @@ $ kubectl apply -f ./k8s-rbac.yaml ## Step 3/5. Create a join token -If you are using AWS EKS clusters with IAM OIDC enabled, you will need to use [IAM join method](../../../enroll-resources/agents/join-services-to-your-cluster/aws-iam.mdx) +If you are using AWS EKS clusters with IAM OIDC enabled, you will need to use the [IAM join method](../../../enroll-resources/agents/join-services-to-your-cluster/aws-iam.mdx) instead of `static_jwks`. This is because the Kubernetes API server does not use its own JWKS for signing Service Account JWTs; instead, AWS IAM credentials are used.