Use this action to configure Amazon Elastic Kubernetes Service (EKS) credentials for use in CloudBees workflows.
This action updates your \~/.kube/config with credentials for connecting to an EKS cluster.
Make sure to add the following to your YAML file:
- name: Check out repo
uses: actions/checkout@v1
- name: Configure AWS credentials
uses: cloudbees-io/configure-aws-credentials@v1
with:
role-to-assume: arn:aws:iam::123456789012:role/my-cloudbees-actions-role
aws-region: your-aws-region| Input name | Data type | Required? | Description |
|---|---|---|---|
|
String |
Yes |
The EKS cluster name. |
|
String |
No |
The EKS role to assume. |
|
String |
No |
The user alias. |
|
String |
No |
The EKS alias. |
Authenticate to EKS with the current credentials role.
- name: Log in to Amazon EKS
uses: cloudbees-io/configure-eks-credentials@v1
with:
name: my-eks-cluster-name
- name: Do some things with the cluster
uses: docker://alpine/k8s:latest
run: |
kubectl apply -k ...To get correct credentials for EKS, you may at times need to assume a role different from your current role.
|
Note
|
The current AWS credentials must be able to assume the role. |
- name: Log in to Amazon EKS
uses: cloudbees-io/configure-eks-credentials@v1
with:
name: my-eks-cluster-name
role-to-assume: my-eks-admin-role
- name: Do some things with the cluster
uses: docker://alpine/k8s:latest
run: |
helm install ...|
Tip
|
To assume a different role, use the role-session-name and role-external-id options available in configure AWS credentials action.
|
Merge the credentials into \~/.kube/config so you can chain multiple times; for example, if you need to have multiple EKS clusters authenticated, or switch between different authentications for the same cluster.
|
Note
|
The workflow always sets the current context, so the last one takes precedence. |
- name: Log in to Amazon EKS as admin
uses: cloudbees-io/configure-eks-credentials@v1
with:
name: my-eks-cluster-name
role-to-assume: my-eks-admin-role
user-alias: admin
alias: cluster-with-admin
- name: Log in to Amazon EKS as regular user
uses: cloudbees-io/configure-eks-credentials@v1
with:
name: my-eks-cluster-name
user-alias: standard
alias: cluster-without-admin
- name: Do some things with the cluster
uses: docker://alpine/k8s:latest
run: |
helm --kubecontext cluster-with-admin install ...
kubectl --context cluster-without-admin get pods ...
kubectl --context cluster-with-admin patch ...To authenticate to AWS, you must specify the region to connect to. By default, the cluster to connect to must be in the same region. However, if you specify the region, you can still connect to a cluster in a different region without updating the AWS-configured region.
|
Tip
|
Combine connection to a cluster in a different region with the above merging of credentials into \~/.kube/config to simplify applying operations across multiple regions.
|
The following is an example of connecting to a cluster in a different region:
- name: Configure AWS credentials
uses: cloudbees-io/configure-aws-credentials@v1
with:
role-to-assume: arn:aws:iam::123456789012:role/my-cloudbees-actions-role
aws-region: eu-west-2
- name: Log in to Amazon EKS cluster in a different region
uses: cloudbees-io/configure-eks-credentials@v1
with:
name: my-eks-cluster-name
region: us-east-2This code is made available under the MIT license.
-
Learn more about using actions in CloudBees workflows.
-
Learn about the CloudBees platform.
