{"id":34691628,"url":"https://github.com/cloudresty/aws-kubectl","last_synced_at":"2026-05-28T19:01:38.297Z","repository":{"id":220552011,"uuid":"621529003","full_name":"cloudresty/aws-kubectl","owner":"cloudresty","description":"AWS CLI \u0026 kubectl","archived":false,"fork":false,"pushed_at":"2024-02-14T19:00:32.000Z","size":10,"stargazers_count":0,"open_issues_count":2,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2024-02-14T20:26:24.141Z","etag":null,"topics":["aws","awscli"],"latest_commit_sha":null,"homepage":"https://cloudresty.com","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cloudresty.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2023-03-30T21:08:39.000Z","updated_at":"2024-04-14T20:29:23.402Z","dependencies_parsed_at":"2024-02-02T18:25:06.524Z","dependency_job_id":"81620e45-815b-46e9-be38-d1c4f30d8bc8","html_url":"https://github.com/cloudresty/aws-kubectl","commit_stats":null,"previous_names":["cloudresty/aws-kubectl"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/cloudresty/aws-kubectl","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudresty%2Faws-kubectl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudresty%2Faws-kubectl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudresty%2Faws-kubectl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudresty%2Faws-kubectl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cloudresty","download_url":"https://codeload.github.com/cloudresty/aws-kubectl/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloudresty%2Faws-kubectl/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33622070,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-28T02:00:06.440Z","response_time":99,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","awscli"],"created_at":"2025-12-24T21:59:59.937Z","updated_at":"2026-05-28T19:01:38.290Z","avatar_url":"https://github.com/cloudresty.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# aws-kubectl\n\nThis repository contains a Dockerfile bundled with the following packages:\n\n* Debian 'trixie-slim' as base image\n* AWS CLI v2.17.1\n* kubectl v1.30.2\n\n\u0026nbsp;\n\n## Docker image\n\nThe Docker image can be found and pulled from Cloudresty's Docker Hub public repository available here [https://hub.docker.com/r/cloudresty/aws-kubectl](https://hub.docker.com/r/cloudresty/aws-kubectl).\n\n\u0026nbsp;\n\n## Usage\n\nHere is an example of how this Docker image can be used within a non-AWS Kubernetes cluster that requires access to a private AWS ECR registry. More precisely, in this example we will generate a series of resources that will help with refreshing the AWS Authentication Token. By default the AWS Authentication Token gets invalidated every 12 hours and this `AWS ECR Token Refresh CronJob` will help with generating a new token every 10 hours.\n\n\u0026nbsp;\n\nPlease create a new `YAML` file with the following content:\n\n`aws-ecr-token-refresh.yaml`\n\n```yaml\n#\n# Kubernetes Secret Manifest Document\n#\n\napiVersion: v1\nkind: Secret\nmetadata:\n  name: ecr-token-refresh\n  namespace: {kubernetes_namespace}\nstringData:\n  AWS_SECRET_ACCESS_KEY: \"{aws_secret_access_key}\"\n---\n\n#\n# Kubernetes ConfigMap Manifest Document\n#\n\napiVersion: v1\nkind: ConfigMap\nmetadata:\n  name: ecr-token-refresh\n  namespace: {kubernetes_namespace}\ndata:\n  AWS_ACCOUNT_ID: \"{aws_account_id}\"\n  AWS_DEFAULT_REGION: \"{aws_default_region}\"\n  AWS_ACCESS_KEY_ID: \"{aws_access_key_id}\"\n  DOCKER_SECRET_NAME: \"ecr-credentials\"\n---\n\n#\n# Kubernetes CronJob Manifest Document\n#\n\napiVersion: batch/v1beta1\nkind: CronJob\nmetadata:\n  name: ecr-token-refresh\n  namespace: {kubernetes_namespace}\nspec:\n  schedule: \"0 */10 * * *\"\n  successfulJobsHistoryLimit: 3\n  suspend: false\n  jobTemplate:\n    spec:\n      template:\n        spec:\n          serviceAccountName: ecr-token-refresh\n          containers:\n          - name: ecr-registry-helper\n            image: cloudresty/aws-kubectl:v1.1.0\n            imagePullPolicy: IfNotPresent\n            envFrom:\n              - secretRef:\n                  name: ecr-token-refresh\n              - configMapRef:\n                  name: ecr-token-refresh\n            command:\n              - /bin/sh\n              - -c\n              - |-\n                export AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}\n                export AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}\n                export AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION}\n                export ECR_TOKEN=`aws ecr get-login-password`\n                export NAMESPACE_NAME={kubernetes_namespace}\n                kubectl delete secret --ignore-not-found ${DOCKER_SECRET_NAME} -n ${NAMESPACE_NAME}\n                kubectl create secret docker-registry ${DOCKER_SECRET_NAME} \\\n                  --docker-server=https://${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com \\\n                  --docker-username=AWS \\\n                  --docker-password=\"${ECR_TOKEN}\" \\\n                  --namespace=${NAMESPACE_NAME}\n                echo \"Secret was successfully updated at $(date)\"\n          restartPolicy: Never\n---\n\n#\n# Kubernetes ServiceAccount Manifest Document\n#\n\napiVersion: v1\nkind: ServiceAccount\nmetadata:\n  name: ecr-token-refresh\n  namespace: {kubernetes_namespace}\n---\n\n#\n# Kubernetes Role Manifest Document\n#\n\napiVersion: rbac.authorization.k8s.io/v1\nkind: Role\nmetadata:\n  namespace: {kubernetes_namespace}\n  name: ecr-token-refresh\nrules:\n- apiGroups: [\"\"]\n  resources: [\"secrets\"]\n  resourceNames: [\"ecr-credentials\"]\n  verbs: [\"delete\"]\n- apiGroups: [\"\"]\n  resources: [\"secrets\"]\n  verbs: [\"create\"]\n---\n\n#\n# Kubernetes RoleBinding Manifest Document\n#\n\nkind: RoleBinding\napiVersion: rbac.authorization.k8s.io/v1\nmetadata:\n  name: ecr-token-refresh\n  namespace: {kubernetes_namespace}\nsubjects:\n- kind: ServiceAccount\n  name: ecr-token-refresh\n  namespace: {kubernetes_namespace}\n  apiGroup: \"\"\nroleRef:\n  kind: Role\n  name: ecr-token-refresh\n  apiGroup: \"\"\n\n```\n\n\u0026nbsp;\n\nReplace the values listed below:\n\n* `{kubernetes_namespace}`\n* `{aws_default_region}`\n* `{aws_account_id}`\n* `{aws_access_key_id}`\n* `{aws_secret_access_key}`\n\n\u0026nbsp;\n\nAfter replacing all values required we can then create the K8s resources using `kubectl` as shown in the example below:\n\n```shell\nkubectl apply -f aws-ecr-token-refresh.yaml\n```\n\n\u0026nbsp;\n\n---\nCopyright \u0026copy; [Cloudresty](https://cloudresty.com)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudresty%2Faws-kubectl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcloudresty%2Faws-kubectl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcloudresty%2Faws-kubectl/lists"}