Use this action to configure Amazon Elastic Kubernetes Service (EKS) credentials for use in CloudBees workflows.
This action updates your \~/.kube/config
with credentials for connecting to an EKS cluster.
Prerequisites
Make sure to add the following to your YAML file:
- name: Check out repo uses: actions/checkout@v1 - name: Configure AWS credentials uses: https://github.com/cloudbees-io/configure-aws-credentials@v1 with: role-to-assume: arn:aws:iam::123456789012:role/my-cloudbees-actions-role aws-region: your-aws-region
For more information, refer to CloudBees action: Configure AWS credentials.
All CloudBees action repositories are listed at CloudBees, Inc. on GitHub. |
Inputs
Input name | Data type | Required? | Description |
---|---|---|---|
|
String |
Yes |
The EKS cluster name. |
|
String |
No |
The EKS role to assume. |
|
String |
No |
The user alias. |
|
String |
No |
The EKS alias. |
Usage examples
Current credentials role
Authenticate to Amazon Elastic Kubernetes Service with the current credentials role.
In your YAML file, add:
- name: Login to Amazon EKS uses: https://github.com/cloudbees-io/configure-eks-credentials@v1 with: name: my-eks-cluster-name - name: Do some things with the cluster uses: docker://alpine/k8s:latest run: | kubectl apply -k ...
Assume a different role
To get correct credentials for Amazon Elastic Kubernetes Service, you may at times need to assume a role different from your current role.
The current Amazon Web Services credentials must be able to assume the role. |
In your YAML file, add:
- name: Log in to Amazon EKS uses: https://github.com/cloudbees-io/configure-eks-credentials@v1 with: name: my-eks-cluster-name role-to-assume: my-eks-admin-role - name: Do some things with the cluster uses: docker://alpine/k8s:latest run: | helm install ...
To assume a different role, use the role-session-name and role-external-id options from CloudBees action: Configure AWS credentials.
|
Connect to multiple clusters
Merge the credentials into \~/.kube/config
so you can chain multiple times; for example, if you need to have multiple EKS clusters authenticated, or switch between different authentications for the same cluster.
The workflow always sets the current context, so the last one takes precedence. |
In your YAML file, add:
Connect to a cluster in a different region
To authenticate to AWS, you must specify the region to connect to. By default, the cluster to connect to must be in the same region. However, if you specify the region, you can still connect to a cluster in a different region without updating the AWS-configured region.
Combine connection to a cluster in a different region with the above merging of credentials into \~/.kube/config to simplify applying operations across multiple regions.
|
The following is an example of connecting to a cluster in a different region:
- name: Configure AWS credentials uses: https://github.com/cloudbees-io/configure-aws-credentials@v1 with: role-to-assume: arn:aws:iam::123456789012:role/my-cloudbees-actions-role aws-region: eu-west-2 - name: Log in to Amazon EKS cluster in a different region uses: https://github.com/cloudbees-io/configure-eks-credentials@v1 with: name: my-eks-cluster-name region: us-east-2