- Mais recentes
- Mais votos
- Mais comentários
Hello,
You will have to pass the EKS cluster name as a header i.e. --header "x-k8s-aws-id: $cluster_name"
in your curl request as shown below:
cluster_name="<cluster name>"
TOKEN=$(aws eks get-token --cluster-name $cluster_name | jq '.status.token' | sed "s/\"//g")
TOKEN_DECODED=$(echo $TOKEN | base64 --decode)
URL=https://sts.amazonaws.com/?Action=GetCallerIdentity${TOKEN_DECODED}
curl --header "x-k8s-aws-id: $cluster_name" $URL
The above commands will output the GetCallerIdentityResult
.
If you are trying to run curl commands on the kubernetes API server, you can use the below command:
TOKEN=$(aws eks get-token --cluster-name $cluster_name | jq '.status.token' | sed "s/\"//g")
curl -Ik -XGET -H "Authorization: Bearer $TOKEN" 'https://ABCDEFG.gr7.region-code.eks.amazonaws.com/api/v1/namespaces'
Please let me know if you are able to get successful response while using the above method.
Thank you!
Hello,
The error you are seeing occurs when the AWS credentials are mis-configured on your system. You can try running the command aws sts get-caller-identity
to see if the AWS credentials are correctly set or not.
Hope this helps!
So that results in this: [root@ip-172-24-147-143 ~]# aws sts get-caller-identity { "UserId": "AROAYE5MLXBG5MUX6MP2K:i-0b7400000070fa67b", "Account": "0000000000", "Arn": "arn:aws:sts::0000000000:assumed-role/TTT-DEV-EC2-JenkinsMaster-Instance/i-0b7400000070fa67b" }
Which is what I expect.
Conteúdo relevante
- AWS OFICIALAtualizada há 9 meses
- AWS OFICIALAtualizada há 6 meses
- AWS OFICIALAtualizada há 2 anos
How long are the TOKENs good for?