如何将 AWS EKS 与 Jenkins Kubernetes Cloud 插件一起使用？

我基本上没有找到关于如何使用Jenkins Kubernetes 插件使用 Amazon EKS。文档提到 aws-iam-authenticator 和 java 设置来更改缓存超时，但没有解释如何配置任何内容。

如果我将 EKS 集群的 API URL 放在“Kubernetes URL”字段中并单击“测试连接”按钮，我会收到有关认证路径的错误：

Error testing connection https://XXX.gr7.us-west-2.eks.amazonaws.com: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

如果我选中“禁用 https 证书检查”复选框，我会收到有关“system:anonymous”用户没有正确权限的错误：

Error testing connection https://XXX.gr7.us-west-2.eks.amazonaws.com: Failure executing: GET at: https://XXX.gr7.us-west-2.eks.amazonaws.com/api/v1/namespaces/default/pods. Message: pods is forbidden: User "system:anonymous" cannot list resource "pods" in API group "" in the namespace "default". Received status: Status(apiVersion=v1, code=403, details=StatusDetails(causes=[], group=null, kind=pods, name=null, retryAfterSeconds=null, uid=null, additionalProperties={}), kind=Status, message=pods is forbidden: User "system:anonymous" cannot list resource "pods" in API group "" in the namespace "default", metadata=ListMeta(_continue=null, remainingItemCount=null, resourceVersion=null, selfLink=null, additionalProperties={}), reason=Forbidden, status=Failure, additionalProperties={}).

运行 jenkins 主服务器的 EC2 实例具有具有完整 eks:* 权限的 IAM 角色。如果我使用 IAM 角色设置凭据，它不会显示在凭据下拉列表中。具有 AWS 访问权限和密钥的凭据也不会显示在凭据下拉列表中。