I would like do use the hashicorp vault to get temporary AWS Credencial and using it to access the EKS service.
The problem is, the STS AWS credentials no valid for more than 12 hours, so, this script will automate the process.
Auth methods supported:
- github
- Download the binary from github page or on OsX:
brew install luizm/tap/eks-login
- In the correct context into kubeconfig file, edit the
command
block and useeks-login
instead ofaws cli
oraws-iam-authenticator
Example:
- name: cluster-name
user:
exec:
apiVersion: client.authentication.k8s.io/v1alpha1
command: eks-login
args:
- -cluster-name
- <CLUSTER_NAME>
- -vault-addr
- <https://VAULT_ENDPOINT>
- -vault-path
- <PATH_TO_GET_THE_CREDENDIALS>