Adding Documentation to the README

**Why:** * Documenting an example role that can be applied Signed-off-by: Christopher Hein <[email protected]>
kubernetes-sigs · Aug 7, 2018 · 7cd562b · 7cd562b
1 parent f0b3d2e
commit 7cd562b
Showing 1 changed file with 25 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -110,7 +110,11 @@ This means the `kubeconfig` is entirely public data and can be shared across all
 It may make sense to upload it to a trusted public location such as AWS S3.
 
 Make sure you have the `aws-iam-authenticator` binary installed.
-You can install it with `go get -u -v github.com/kubernetes-sigs/aws-iam-authenticator/cmd/aws-iam-authenticator`.
+You can install it with:
+
+```sh
+go get -u -v github.com/kubernetes-sigs/aws-iam-authenticator/cmd/aws-iam-authenticator
+```
 
 To authenticate, run `kubectl --kubeconfig /path/to/kubeconfig" [...]`.
 kubectl will `exec` the `aws-iam-authenticator` binary with the supplied params in your kubeconfig which will generate a token and pass it to the apiserver.
@@ -343,3 +347,23 @@ server:
   - "456789012345"
 
 ```
+
+## Alpha CRD Implementation
+
+The above will allow you to manage both the server and the client using the same
+configuation. If you'd like to use the alpha Custom Resource Definition setup
+for the server side role mappings you can define a user or a role using the
+below manifest.
+
+```yaml
+---
+apiVersion: authenticator.aws/v1alpha1
+kind: IAMIdentityMapping
+metadata:
+  name: kubernetes-admin
+spec:
+  arn: arn:aws:iam::00000000000:role/KubernetesAdmin
+  username: kubernetes-admin
+  groups:
+  - system:masters
+```