EKS Administration

9min
View EKS Resources from AWS Console
To view EKS resources directly from the AWS Console you have to perform the following steps:
From the Microtica Console, choose the Kubernetes resource and copy the EKSConsoleRoleName output parameter value
Go to AWS Console header menu, choose Switch role
﻿
Enter your Account ID, Role name that you copied from Microtica Console and choose a Display Name for the role.
﻿
You will be redirect to the AWS console, navigate to EKS, choose a cluster and you will be able to view all resources for the cluster directly in the AWS Console.
Setup local access to your Kubernetes Cluster
To access the Kubernetes cluster, you must first obtain the credentials from the AWS Console.
Go to the AWS Console and navigate to the AWS Secret Manager.
Under "Secret Value," click on "Retrieve Secret Value" to securely access the Kubernetes credentials.
Next, create a new cluster using the kubectl utility:
Open your terminal or command prompt.
Ensure that you have the kubectl utility installed and properly configured to access your cluster.
Use the following command as a template, replacing the placeholder values with your actual secret information:

Shell
export CLUSTER_NAME="<name of the cluster>" && \
export ENDPOINT="<endpoint>" && \
export API_TOKEN="<apiToken>"
export CLUSTER_NAME="<name of the cluster>" && \
export ENDPOINT="<endpoint>" && \
export API_TOKEN="<apiToken>"
﻿
Configure New Cluster
kubectl config set-cluster $CLUSTER_NAME --server=$ENDPOINT --insecure-skip-tls-verify=true && \
kubectl config set-credentials $CLUSTER_NAME --token=$API_TOKEN && \
kubectl config set-context $CLUSTER_NAME --cluster=$CLUSTER_NAME --user=$CLUSTER_NAME && \
kubectl config use-context $CLUSTER_NAME
kubectl config set-cluster $CLUSTER_NAME --server=$ENDPOINT --insecure-skip-tls-verify=true && \
kubectl config set-credentials $CLUSTER_NAME --token=$API_TOKEN && \
kubectl config set-context $CLUSTER_NAME --cluster=$CLUSTER_NAME --user=$CLUSTER_NAME && \
kubectl config use-context $CLUSTER_NAME
﻿
Shell to a Running Container
To log in to a specific pod deployed in the Kubernetes cluster, follow these steps in your terminal:
Shell
# List all pods in 'microtica' namespace. Replace the namespace if you deployed the service in namespace other then the default 'microtica' namespace.
kubectl get pods -n microtica

# Choose the pod you want to login into
kubectl exec -it <pod name> sh -n microtica
# List all pods in 'microtica' namespace. Replace the namespace if you deployed the service in namespace other then the default 'microtica' namespace.
kubectl get pods -n microtica

# Choose the pod you want to login into
kubectl exec -it <pod name> sh -n microtica
﻿
Access Applications in a Cluster
To interact with an application that is running within a Kubernetes cluster from your local environment, follow these steps in your terminal:
Shell
# List all pods in 'microtica' namespace. Replace the namespace if you deployed the service in namespace other then the default 'microtica' namespace.
kubectl get pods -n microtica

# Choose the pod you want to access into
kubectl port-forward <pod name> <local port>:<container port>
# List all pods in 'microtica' namespace. Replace the namespace if you deployed the service in namespace other then the default 'microtica' namespace.
kubectl get pods -n microtica

# Choose the pod you want to access into
kubectl port-forward <pod name> <local port>:<container port>
﻿
Grant applications access to AWS resources
By default, the EKS cluster is set up with minimal permissions to AWS resources, prioritizing security. 
However, many times the applications running within the cluster require access to specific AWS resources such as SES, SQS, SNS, and Cognito to ensure smooth operation.
To accomplish this, follow these steps to extend the default permissions:
Access the AWS Console
Navigate to the IAM Service
In the IAM dashboard, search for the "NodeInstanceRole" role linked to your EKS cluster
Within the role details, locate the "Add Permissions" dropdown menu
From the dropdown, choose "Attach Policies"
Browse and choose the policy that provides the required permissions for the AWS resources your apps need to access
After selecting the desired policy, click the "Add permissions" button to apply the changes.

By following these steps, you can seamlessly grant your applications the necessary access to AWS resources while maintaining the overall security of your EKS cluster.
﻿
Attach custom policy
﻿
Select specific policy
﻿
﻿
Updated 18 Aug 2024
Did this page help you?
Amazon EKS
Node.js