The aws eks list-clusters command can be used to list your Elastic Kubernetes Service (EKS).
~]$ aws eks list-clusters
{
"clusters": [
"my-cluster"
]
}
And then the aws eks get-token command can be used to get an authentication token from your Elastic Kubernetes Service (EKS) cluster.
~]$ aws eks get-token --cluster-name my-cluster
{"kind": "ExecCredential", "apiVersion": "client.authentication.k8s.io/v1alpha1", "spec": {}, "status": {"expirationTimestamp": "2023-10-23T20:29:08Z", "token": "k8s-aws-v1.aHR0....zljYw"}}
This will use the default profile in your hidden AWS credentials file (e.g. /home/john.doe/.aws/credentials). For example, if your hidden AWS credentials file has the following, the default credential would be used.
~]$ cat /home/john.doe/.aws/credentials
[default]
aws_secret_access_key = ABCDEFG123456789ABCDEFG123456789ABCDEFG12
aws_access_key_id = ABCDEFG123456789ABCD
Or, the --profile flag could be used to use some other profile in your hidden AWS credentials file.
aws eks get-token --cluster-name my-cluster --profile johndoe
Optionally, adddtional key value pairs can be included, such as --region and --output.
aws eks get-token \
--cluster-name my-cluster \
--region us-east-1 \
--output json
Then the --token option can be used with the kubectl CLI.
kubectl get pods --token <token goes here>
But, it is much more command to instead use the aws eks update-kubeconfig command to create or update your kube config file. The kube config file uses the aws eks get-token command to get an authentication token that is used to authenticate to your Kubernetes cluster. This would be just like using the aws eks get-token command to get an authentication token. Then kubectl gets the token using your kube config file.
~]$ aws eks update-kubeconfig --name my-cluster
Added new context arn:aws:eks:us-east-1:123456789012:cluster/my-cluster to /home/john.doe/.kube/config
Did you find this article helpful?
If so, consider buying me a coffee over at