https://github.com/luizm/eks-login
CLI to automate the EKS login process using STS credentials created by vault
https://github.com/luizm/eks-login
aws eks vault
Last synced: about 1 year ago
JSON representation
CLI to automate the EKS login process using STS credentials created by vault
- Host: GitHub
- URL: https://github.com/luizm/eks-login
- Owner: luizm
- Created: 2019-11-11T18:55:27.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2020-04-07T00:04:10.000Z (about 6 years ago)
- Last Synced: 2025-05-12T23:53:31.421Z (about 1 year ago)
- Topics: aws, eks, vault
- Language: Go
- Homepage:
- Size: 49.8 KB
- Stars: 10
- Watchers: 4
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
### Description
I would like do use the [hashicorp vault](https://www.vaultproject.io/docs/secrets/aws/index.html) to get temporary [AWS Credencial](https://www.vaultproject.io/docs/secrets/aws/index.html) and using it to access the EKS service.
The problem is, the STS AWS credentials no valid for more than 12 hours, so, this script will automate the process.
**Auth methods supported:**
- github
### How to use
1. Download the binary from github page or on OsX:
```
brew install luizm/tap/eks-login
```
2. In the correct context into kubeconfig file, edit the `command` block and use `eks-login` instead of `aws cli` or `aws-iam-authenticator`
Example:
```
- name: cluster-name
user:
exec:
apiVersion: client.authentication.k8s.io/v1alpha1
command: eks-login
args:
- -cluster-name
-
- -vault-addr
-
- -vault-path
-
```