Setting up to use Amazon EKS
Amazon resources typically have access restrictions that limit access to the Amazon entity that created them. Therefore, it's crucial to establish proper user configuration in the Amazon Command Line Interface from the beginning. Additionally, you need to equip your local machine with essential tools for efficient command-line management of your Amazon EKS cluster. This topic will help you prepare for the command-line management of your cluster.
Step 1: Set up the Amazon CLI
The Amazon CLI
To create an access key
-
Sign into the Amazon Web Services Management Console
. -
In the top right, choose your Amazon user name to open the navigation menu. For example, choose
webadmin
. Then choose Security credentials. -
Under Access keys, choose Create access key.
-
Choose Command Line Interface (CLI), then choose Next.
-
Choose Create access key.
-
Choose Download .csv file.
To configure the Amazon CLI
After installing the Amazon CLI, do the following steps to configure it. For more information, see Configure the Amazon CLI in the Amazon Command Line Interface User Guide.
-
In a terminal window, enter the following command:
aws configure
Optionally, you can configure a named profile, such as
. If you configure a named profile in the Amazon CLI, you must always pass this flag in subsequent commands.--profile cluster-admin
-
Enter your Amazon credentials. For example:
AWS Access Key ID [None]:
AWS Secret Access Key [None]:AKIAIOSFODNN7EXAMPLE
Default region name [None]:wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default output format [None]:region-code
json
To get a security token
If needed, run the following command to get a new security token for the Amazon CLI.
For more information, see get-session-token
in the Amazon CLI Command Reference.
By default, the token is valid for 15 minutes. To change the default session
timeout, pass the
flag. For
example:--duration-seconds
aws sts get-session-token --duration-seconds 3600
This command returns the temporary security credentials for an Amazon CLI session. You should see the following response output:
{ "Credentials": { "AccessKeyId": "ASIA5FTRU3LOEXAMPLE
", "SecretAccessKey": "JnKgvwfqUD9mNsPoi9IbxAYEXAMPLE
", "SessionToken": "VERYLONGSESSIONTOKENSTRING
", "Expiration": "2023-02-17T03:14:24+00:00
" } }
To verify the user identity
If needed, run the following command to verify the Amazon credentials for your
IAM user identity (such as
)
for the terminal session.ClusterAdmin
aws sts get-caller-identity
This command returns the Amazon Resource Name (ARN) of the IAM entity that's configured for the Amazon CLI. You should see the following example response output:
{ "UserId": "AKIAIOSFODNN7EXAMPLE
", "Account": "01234567890
", "Arn": "arn:aws-cn:iam::01234567890
:user/ClusterAdmin
" }
Step 2: Install Kubernetes tools
To communicate with a Kubernetes cluster, you will need a tool to interact with the Kubernetes API. Additionally, you need a few other tools, such as one to manage Kubernetes environments on your local machine.
To create Amazon resources
-
Amazon EKS cluster resources – If you're new to Amazon, we recommend installing
eksctl
. eksctl
is an infrastructure as code (IaC) utility that uses Amazon CloudFormation to easily create your Amazon EKS cluster. It also creates additional Kubernetes resources, such as service accounts. For instructions on how to installeksctl
, see Installationin the eksctl
documentation. -
Amazon resources – If you're accustomed to automating the provisioning and deployment of your Amazon infrastructure, we recommend installing Terraform. Terraform is an open-source infrastructure as code (IaC) tool developed by HashiCorp. It allows you to define and provision infrastructure using a high-level configuration language such as HashiCorp Configuration Language (HCL) or JSON. For instructions on how to install Terraform, see Install Terraform
in the Terraform documentation.
To install kubectl
kubectl
is an open source command line tool used to communicate with the Kubernetes
API server on your Amazon EKS cluster. If you don't already have it installed on your
local machine, choose from the following options.
-
Amazon versions – To install an Amazon EKS-supported
kubectl
version, see Installing or updating kubectl. -
Community versions – To install the latest community version of
kubectl
, see the Install toolspage in Kubernetes documentation.
To set up a development environment
-
Local deployment tool – If you're new to Kubernetes, consider installing a local deployment tool like
minikube
or kind
. These tools allow you to manage an Amazon EKS cluster on your local machine. -
Package manager – Helm
is a popular package manager for Kubernetes that simplifies the installation and management of complex packages. With Helm, it's easier to install and manage packages like the Amazon Load Balancer Controller on your Amazon EKS cluster.