Amazon EKS now allows you to assign IAM permissions to Kubernetes service accounts. This gives you fine-grained, pod level access control when running clusters with multiple co-located services.

from Recent Announcements https://aws.amazon.com/about-aws/whats-new/2019/09/amazon-eks-adds-support-to-assign-iam-permissions-to-kubernetes-service-accounts/