Try it now and let us know what you think. Switch to the new look >>
You can return to the original look by selecting English in the language selector above.
Installing
aws-iam-authenticator
Amazon EKS uses IAM to provide authentication to your Kubernetes cluster through the AWS IAM Authenticator for Kubernetes. You can configure the stock kubectl client to work with Amazon EKS by installing the AWS IAM Authenticator for Kubernetes and modifying your kubectl configuration file to use it for authentication.
- macOS
-
To install
aws-iam-authenticatorwith HomebrewThe easiest way to install the
aws-iam-authenticatoris with Homebrew.-
If you do not already have Homebrew installed on your Mac, install it with the following command.
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" -
Install the
aws-iam-authenticatorwith the following command.brew install aws-iam-authenticator -
Test that the
aws-iam-authenticatorbinary works.aws-iam-authenticator help
To install
aws-iam-authenticatoron macOSYou can also install the AWS-vended version of the
aws-iam-authenticatorby following these steps.-
Download the Amazon EKS-vended
aws-iam-authenticatorbinary from Amazon S3:curl -o aws-iam-authenticator https://amazon-eks.s3-us-west-2.amazonaws.com/1.14.6/2019-08-22/bin/darwin/amd64/aws-iam-authenticator -
(Optional) Verify the downloaded binary with the SHA-256 sum provided in the same bucket prefix.
-
Download the SHA-256 sum for your system.
curl -o aws-iam-authenticator.sha256 https://amazon-eks.s3-us-west-2.amazonaws.com/1.14.6/2019-08-22/bin/darwin/amd64/aws-iam-authenticator.sha256 -
Check the SHA-256 sum for your downloaded binary.
openssl sha1 -sha256 aws-iam-authenticator -
Compare the generated SHA-256 sum in the command output against your downloaded
aws-iam-authenticator.sha256file. The two should match.
-
-
Apply execute permissions to the binary.
chmod +x ./aws-iam-authenticator -
Copy the binary to a folder in your
$PATH. We recommend creating a$HOME/bin/aws-iam-authenticatorand ensuring that$HOME/bincomes first in your$PATH.mkdir -p $HOME/bin && cp ./aws-iam-authenticator $HOME/bin/aws-iam-authenticator && export PATH=$HOME/bin:$PATH -
Add
$HOME/binto yourPATHenvironment variable.echo 'export PATH=$HOME/bin:$PATH' >> ~/.bash_profile -
Test that the
aws-iam-authenticatorbinary works.aws-iam-authenticator help
-
- Linux
-
To install
aws-iam-authenticatoron Linux-
Download the Amazon EKS-vended
aws-iam-authenticatorbinary from Amazon S3:curl -o aws-iam-authenticator https://amazon-eks.s3-us-west-2.amazonaws.com/1.14.6/2019-08-22/bin/linux/amd64/aws-iam-authenticator -
(Optional) Verify the downloaded binary with the SHA-256 sum provided in the same bucket prefix.
-
Download the SHA-256 sum for your system.
curl -o aws-iam-authenticator.sha256 https://amazon-eks.s3-us-west-2.amazonaws.com/1.14.6/2019-08-22/bin/linux/amd64/aws-iam-authenticator.sha256 -
Check the SHA-256 sum for your downloaded binary.
openssl sha1 -sha256 aws-iam-authenticator -
Compare the generated SHA-256 sum in the command output against your downloaded
aws-iam-authenticator.sha256file. The two should match.
-
-
Apply execute permissions to the binary.
chmod +x ./aws-iam-authenticator -
Copy the binary to a folder in your
$PATH. We recommend creating a$HOME/bin/aws-iam-authenticatorand ensuring that$HOME/bincomes first in your$PATH.mkdir -p $HOME/bin && cp ./aws-iam-authenticator $HOME/bin/aws-iam-authenticator && export PATH=$HOME/bin:$PATH -
Add
$HOME/binto yourPATHenvironment variable.echo 'export PATH=$HOME/bin:$PATH' >> ~/.bashrc -
Test that the
aws-iam-authenticatorbinary works.aws-iam-authenticator help
-
- Windows
-
To install
aws-iam-authenticatoron Windows with Chocolatey-
If you do not already have Chocolatey installed on your Windows system, see Installing Chocolatey.
-
Open a PowerShell terminal window and install the
aws-iam-authenticatorpackage with the following command:choco install -y aws-iam-authenticator -
Test that the
aws-iam-authenticatorbinary works.aws-iam-authenticator help
To install
aws-iam-authenticatoron Windows-
Open a PowerShell terminal window and download the Amazon EKS-vended
aws-iam-authenticatorbinary from Amazon S3:curl -o aws-iam-authenticator.exe https://amazon-eks.s3-us-west-2.amazonaws.com/1.14.6/2019-08-22/bin/windows/amd64/aws-iam-authenticator.exe -
(Optional) Verify the downloaded binary with the SHA-256 sum provided in the same bucket prefix.
-
Download the SHA-256 sum for your system.
curl -o aws-iam-authenticator.sha256 https://amazon-eks.s3-us-west-2.amazonaws.com/1.14.6/2019-08-22/bin/windows/amd64/aws-iam-authenticator.exe.sha256 -
Check the SHA-256 sum for your downloaded binary.
Get-FileHash aws-iam-authenticator.exe -
Compare the generated SHA-256 sum in the command output against your downloaded SHA-256 file. The two should match, although the PowerShell output will be uppercase.
-
-
Copy the binary to a folder in your
PATH. If you have an existing directory in your PATH that you use for command line utilities, copy the binary to that directory. Otherwise, complete the following steps.-
Create a new directory for your command line binaries, such as
C:\bin. -
Copy the
aws-iam-authenticator.exebinary to your new directory. -
Edit your user or system PATH environment variable to add the new directory to your PATH.
-
Close your PowerShell terminal and open a new one to pick up the new PATH variable.
-
-
Test that the
aws-iam-authenticatorbinary works.aws-iam-authenticator help
-
If you have an existing Amazon EKS cluster, create a kubeconfig file for that
cluster. For more information, see Create a kubeconfig for
Amazon EKS. Otherwise, see Creating an Amazon EKS Cluster to create a new Amazon EKS
cluster.
