Edit - Development Services - Confluence

Development Services

All content
Space settings

Results will update as you type.

How-to article
•
Troubleshooting article
•
Architectures
Solutions
•
Training for Developers

draw.io Diagrams

Development Services

/

/

How to Setup SSO and aws-vault

Editing restoredWe've lost our connection to you, so we've disabled editing to prevent any issues. You'll be able to edit once we reconnect. Trying to reconnect

SSO is used for Programatic access and to login to AWS console.

Open URL for SSO [https://domain.awsapps.com/start].
Use your SSO [username] and [password] to sign in.
Click on Management console to open AWS console or click on Command line or programmatic access for programmatic access.
After clicking on Command line or programmatic access use temporary keys by clicking on Click to copy these commands and paste the credentials in terminal.

Another option is to use aws-vault with SSO.

Install aws-vault.
vim .aws/config
Paste the SSO config in the file:
1[profile example-dev] 2sso_start_url=https://example.awsapps.com/start 3sso_region=us-west-1 4sso_account_id=987654321 5sso_role_name=AdministratorAccess 6region=us-west-1
Use aws-vault exec command to exec to AWS account. For example, to exec to example-dev use aws-vault exec example-dev . This command redirects to web and waits for you to login to SSO and allow the request.

After both options you will be able to exec to EKS cluster.

aws eks update-kubeconfig --name [cluster-name] --region [region-name]
Use this command to get all pods from all namespaces:
kubectl get pods -A
Use this command to exec to one of pods:
kubectl exec -it pod/[pod-name] /bin/bash

{"serverDuration": 24, "requestCorrelationId": "b421524848a6490e93e207b7c15f24e2"}