How Can I Simplify K9s Usage with Multiple AWS Accounts and EKS Clusters via SSO?

By
Keven Krok
-
0
0
Asked By TechWanderer42 On

I'm looking for some advice on managing multiple AWS accounts and EKS clusters using K9s more efficiently. Right now, logging in via SSO is quite tedious for me. I have to log in, update the kubeconfig, and switch contexts manually each time I change clusters. I usually end up copying and pasting temporary access credentials, which is not ideal. I switch between around 5 to 10 clusters regularly, so I'm hoping there's a better way or some tools that could simplify this process for me?

7 Answers

Answered By CloudNomad99 On

Have you checked out Teleport? We're currently evaluating it, and it has a community version that might be worth trying out! It could simplify your access across multiple clusters.

Answered By QuickSwitch01 On

I recommend checking out Granted.dev! It’s a tool I use to quickly change SSO roles in my CLI. It’s pretty straightforward and has made my life easier when switching contexts.

Answered By KubeMaster77 On

Why not use an identity provider like Okta for your EKS clusters? You could use kube-login locally to simplify the authentication process.

Answered By TaskManager99 On

If you're using SSO, you can set up a distinct context for every cluster. There's an AWS CLI command for that, and in K9s, just type `: context` to select your desired context! Super easy once everything's set up!

Answered By GitGuru77 On

You might also want to look into InfraHQ. It seems to have some useful features, but make sure to check it out and see if it's what you need: [InfraHQ](https://github.com/infrahq/infra)

Answered By AWSGuru123 On

You should give the AWS CLI SSO a shot! It lets you log into multiple AWS accounts and roles all at once instead of using individual credentials. Just configure your .aws/config like this, and you'll be good to go:
```
[profile login]
sso_start_url=https://d-xxxxxxx.awsapps.com/start
sso_region=us-east-1
sso_account_id=none
sso_role_name=none

[profile ]
sso_account_id=xxxxxxxxxx
sso_role_name=myRole
sso_start_url=https://d-xxxxxxx.awsapps.com/start
sso_region=us-east-1
```
Log in with `aws sso login --profile login` and then update kubeconfig for each cluster with `aws eks update-kubeconfig --profile --region --name `. Just switch between clusters in K9s using `:ctx`. It makes the process flow much smoother!

Answered By KubeExpertGal On

I found this helpful post about using SSO to manage clusters. It provides a step-by-step guide on how to streamline switching contexts. Once the setup is done, you just run `kubectl config use-context cluster1` or `cluster2`, and you're good! Here's the link: [link](https://medium.com/@mrethers/authenticating-to-eks-clusters-with-aws-sso-like-a-boss-too-4ba100c87f0b)

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.