- Le plus récent
- Le plus de votes
- La plupart des commentaires
Hello,
You will have to pass the EKS cluster name as a header i.e. --header "x-k8s-aws-id: $cluster_name"
in your curl request as shown below:
cluster_name="<cluster name>"
TOKEN=$(aws eks get-token --cluster-name $cluster_name | jq '.status.token' | sed "s/\"//g")
TOKEN_DECODED=$(echo $TOKEN | base64 --decode)
URL=https://sts.amazonaws.com/?Action=GetCallerIdentity${TOKEN_DECODED}
curl --header "x-k8s-aws-id: $cluster_name" $URL
The above commands will output the GetCallerIdentityResult
.
If you are trying to run curl commands on the kubernetes API server, you can use the below command:
TOKEN=$(aws eks get-token --cluster-name $cluster_name | jq '.status.token' | sed "s/\"//g")
curl -Ik -XGET -H "Authorization: Bearer $TOKEN" 'https://ABCDEFG.gr7.region-code.eks.amazonaws.com/api/v1/namespaces'
Please let me know if you are able to get successful response while using the above method.
Thank you!
Hello,
The error you are seeing occurs when the AWS credentials are mis-configured on your system. You can try running the command aws sts get-caller-identity
to see if the AWS credentials are correctly set or not.
Hope this helps!
So that results in this: [root@ip-172-24-147-143 ~]# aws sts get-caller-identity { "UserId": "AROAYE5MLXBG5MUX6MP2K:i-0b7400000070fa67b", "Account": "0000000000", "Arn": "arn:aws:sts::0000000000:assumed-role/TTT-DEV-EC2-JenkinsMaster-Instance/i-0b7400000070fa67b" }
Which is what I expect.
Contenus pertinents
- demandé il y a 2 ans
- demandé il y a un an
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 8 mois
How long are the TOKENs good for?