Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Feature request: EKS get-token in boto3
See original GitHub issueHi!
Would it be possible to get the EKS get-token functionality from the AWS CLI as a function in boto3? This would make it easier for Python scripts to interact with EKS clusters.
Here’s what it could look like:
eks_client = boto3.client('eks')
token_response = eks_client.get_token(name=cluster_name)
token = token_response['token']
Here’s some context on how it could be used:
import tempfile
import boto3
import kubernetes # From: https://github.com/kubernetes-client/python
cluster_name = 'mycluster'
# Details from EKS
eks_client = boto3.client('eks')
eks_details = eks_client.describe_cluster(name=cluster_name)['cluster']
# Saving the CA cert to a temp file (working around the Kubernetes client limitations)
fp = tempfile.NamedTemporaryFile(delete=False)
ca_filename = fp.name
cert_bs = base64.urlsafe_b64decode(eks_details['certificateAuthority']['data'].encode('utf-8'))
fp.write(cert_bs)
fp.close()
# Token for the EKS cluster
token = eks_client.get_token(name=cluster_name)['token']
# Kubernetes client config
conf = kubernetes.client.Configuration()
conf.host = eks_details['endpoint']
conf.api_key['authorization'] = token
conf.api_key_prefix['authorization'] = 'Bearer'
conf.ssl_ca_cert = ca_filename
k8s_client = kubernetes.client.ApiClient(conf)
# Doing something with the client
v1 = kubernetes.client.CoreV1Api(k8s_client)
v1.list_namespaced_pod('default')
Let me know if you need more details.
Issue Analytics
- State:
- Created 4 years ago
- Reactions:1
- Comments:6 (2 by maintainers)
Top Results From Across the Web
EKS — Boto3 Docs 1.26.33 documentation - AWS
A low-level client representing Amazon Elastic Kubernetes Service (EKS) ... For the maximum number of claims that you can require, see Amazon EKS...
Read more >get-token — AWS CLI 1.27.34 Command Reference
Get a token for authentication with an Amazon EKS cluster. This can be used as an alternative to the aws-iam-authenticator.
Read more >eks-token - PyPI
eks -token. EKS Token package, an alternate to "aws eks get-token ..." CLI. CodeQuality Publish stable. logo. Usage. Installation. pip install eks-token ...
Read more >Using the Kubernetes Python Client with AWS - analogous.dev
TL;DR; We use the `boto3`, `eks-token`, and `kubernetes` python ... which simplifies making API requests against a Kubernetes cluster.
Read more >Orchestrating Amazon Kubernetes Service (EKS) from AWS ...
Building Lambda package · In my Boto version RequestSigner require an object type service_id botocore.model.ServiceId, so implemented this. · Since Lambda will ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I just wrapped the CLI logic into a function and released a package. Hope it helps everyone https://pypi.org/project/eks-token/
@azhar22k Maybe you’ve also seen: the process to create a token is also documented in the aws-iam-authenticator README.
https://github.com/kubernetes-sigs/aws-iam-authenticator/blob/master/README.md#api-authorization-from-outside-a-cluster