---
title: Cluster access for multiple AWS users
description: It's common for team members to share the use of a cluster. For team members to share a cluster, the cluster owner must grant access to each user:
component: forgeops
version: 2026.1
page_id: forgeops:prepare:security/multi-user-access-aws
canonical_url: https://docs.pingidentity.com/forgeops/2026.1/prepare/security/multi-user-access-aws.html
keywords: ["Security", "AWS"]
---

# Cluster access for multiple AWS users

It's common for team members to share the use of a cluster. For team members to share a cluster, the cluster owner must grant access to each user:

1. Get the ARNs and names of users who need access to your cluster.

2. Set the Kubernetes context to your Amazon EKS cluster.

3. Edit the authorization configuration map for the cluster using the kubectl edit command:

   ```
   $ kubectl edit -n kube-system configmap/aws-auth
   ```

4. Under the `mapRoles` section, insert the `mapUser` section. An example is shown here with the following parameters:

   * The user ARN is `arn:aws:iam::012345678901:user/new.user`.

   * The user name registered in AWS is new\.user.

     ```
     ... mapUsers: |
         - userarn: arn:aws:iam::012345678901:user/new.user
           username: new.user
           groups:
             - system:masters
     ...
     ```

5. For each additional user, insert the `- userarn:` entry in the `mapUsers:` section:

   ```
   ... mapUsers: |
       - userarn: arn:aws:iam::012345678901:user/new.user
         username: new.user
         groups:
           - system:masters
       - userarn: arn:aws:iam::901234567890:user/second.user
         username: second.user
         groups:
           - system:masters
   ...
   ```

6. Save the configuration map.