Configuring EKS cluster access
In this section, we will look in more detail at the configuration of the two key files needed to securely access your cluster, kubeconfig
and aws-auth
, along with the use of IP controls to secure EKS endpoints.
Configuring .kube/config
The kubeconfig file is central to providing access to the cluster. The clusters
list has an entry for each cluster you want to access, containing both the DNS name and the TLS certificate to allow communication to take place. These entries can be added manually or through the update-kubeconfig
CLI command. The following is an example kubeconfig
file:
clusters: - cluster:   certificate-authority-data: xx==   server: https://65787.gr7.eu-central-1.eks.amazonaws.com   name: arn:aws:eks:eu-central-1:111999:cluster/mycluster
The context
section in the kubeconfig
file is used to group access parameters together for a client tool such as kubectl. You can have different contexts to access...