EKS Administration

view eks resources from aws console to view eks resources directly from the aws console you have to perform the following steps from the microtica console, choose the kubernetes resource and copy the eksconsolerolename output parameter value go to aws console header menu, choose switch role enter your account id, role name that you copied from microtica console and choose a display name for the role you will be redirect to the aws console, navigate to eks, choose a cluster and you will be able to view all resources for the cluster directly in the aws console setup local access to your kubernetes cluster to access the kubernetes cluster, you must first obtain the credentials from the aws console go to the aws console and navigate to the aws secret manager under "secret value," click on "retrieve secret value" to securely access the kubernetes credentials next, create a new cluster using the kubectl utility open your terminal or command prompt ensure that you have the kubectl utility installed and properly configured to access your cluster use the following command as a template, replacing the placeholder values with your actual secret information export cluster name="\<name of the cluster>" && \\ export endpoint="\<endpoint>" && \\ export api token="\<apitoken>" configure new cluster kubectl config set cluster $cluster name server=$endpoint insecure skip tls verify=true && \\ kubectl config set credentials $cluster name token=$api token && \\ kubectl config set context $cluster name cluster=$cluster name user=$cluster name && \\ kubectl config use context $cluster name shell to a running container to log in to a specific pod deployed in the kubernetes cluster, follow these steps in your terminal \# list all pods in 'microtica' namespace replace the namespace if you deployed the service in namespace other then the default 'microtica' namespace kubectl get pods n microtica \# choose the pod you want to login into kubectl exec it \<pod name> sh n microtica access applications in a cluster to interact with an application that is running within a kubernetes cluster from your local environment, follow these steps in your terminal \# list all pods in 'microtica' namespace replace the namespace if you deployed the service in namespace other then the default 'microtica' namespace kubectl get pods n microtica \# choose the pod you want to access into kubectl port forward \<pod name> \<local port> \<container port> grant applications access to aws resources by default, the eks cluster is set up with minimal permissions to aws resources, prioritizing security however, many times the applications running within the cluster require access to specific aws resources such as ses, sqs, sns, and cognito to ensure smooth operation to accomplish this, follow these steps to extend the default permissions access the aws console navigate to the iam service in the iam dashboard, search for the "nodeinstancerole" role linked to your eks cluster within the role details, locate the "add permissions" dropdown menu from the dropdown, choose "attach policies" browse and choose the policy that provides the required permissions for the aws resources your apps need to access after selecting the desired policy, click the "add permissions" button to apply the changes by following these steps, you can seamlessly grant your applications the necessary access to aws resources while maintaining the overall security of your eks cluster