- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
Hello,
You will have to pass the EKS cluster name as a header i.e. --header "x-k8s-aws-id: $cluster_name"
in your curl request as shown below:
cluster_name="<cluster name>"
TOKEN=$(aws eks get-token --cluster-name $cluster_name | jq '.status.token' | sed "s/\"//g")
TOKEN_DECODED=$(echo $TOKEN | base64 --decode)
URL=https://sts.amazonaws.com/?Action=GetCallerIdentity${TOKEN_DECODED}
curl --header "x-k8s-aws-id: $cluster_name" $URL
The above commands will output the GetCallerIdentityResult
.
If you are trying to run curl commands on the kubernetes API server, you can use the below command:
TOKEN=$(aws eks get-token --cluster-name $cluster_name | jq '.status.token' | sed "s/\"//g")
curl -Ik -XGET -H "Authorization: Bearer $TOKEN" 'https://ABCDEFG.gr7.region-code.eks.amazonaws.com/api/v1/namespaces'
Please let me know if you are able to get successful response while using the above method.
Thank you!
Hello,
The error you are seeing occurs when the AWS credentials are mis-configured on your system. You can try running the command aws sts get-caller-identity
to see if the AWS credentials are correctly set or not.
Hope this helps!
So that results in this: [root@ip-172-24-147-143 ~]# aws sts get-caller-identity { "UserId": "AROAYE5MLXBG5MUX6MP2K:i-0b7400000070fa67b", "Account": "0000000000", "Arn": "arn:aws:sts::0000000000:assumed-role/TTT-DEV-EC2-JenkinsMaster-Instance/i-0b7400000070fa67b" }
Which is what I expect.
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 3 Jahren
- AWS OFFICIALAktualisiert vor 7 Monaten
- AWS OFFICIALAktualisiert vor 6 Monaten
How long are the TOKENs good for?