What is the difference between iam-aws-authenticator and aws eks get-token?

Question

These two command both generate tokens to login to EKS   
  
  * AWS_PROFILE=MYPROFILE aws eks get-token --cluster-name myclustername | jq -r '.status.token'  
  * AWS_PROFILE=MYPROFILE aws-iam-authenticator -i myclustername token --token-only  
  
I can use the aws eks get-token with kubectl no problem but I can't use that token to login to kubernetes-dashboard.   
But I can use the aws-iam-authenticator token to login to kubernetes-dashboard.   
  
I thought both tokens just identify me as arn:aws:iam::111111111:user/username  but there must be some difference.  
  
So what are the differences? or how I can troubleshoot this? Is there any command can show what the token authenticates to?

Answer

Never mind, I didn't realize that I spelled the name of the cluster wrong in the  aws eks get-token --cluster-name xxxxx.   
  
The tokens generated by both commands are valid credentials to login to kubernetes-dashboard and kubectl  
  
The command will not complaint if you provide a non-existing cluster name.

What is the difference between iam-aws-authenticator and aws eks get-token?

相關內容