
MakendranG for Kubernetes Community Days Chennai


Introduction to Amazon EKS Connector

You can use Amazon EKS Connector to register and connect any conformant Kubernetes cluster to AWS and visualize it in the Amazon EKS console. After a cluster is connected, you can see its status, configuration, and workloads in the Amazon EKS console. You can use this feature to view connected clusters, but you can't control them.


The Amazon EKS Connector is also an open source project on GitHub. It can connect the following kinds of Kubernetes clusters to Amazon EKS:

  • On-premises Kubernetes clusters.
  • Clusters running on Amazon Elastic Compute Cloud.
  • Managed clusters from other cloud providers.

Amazon EKS Connector considerations

Understand the following before using Amazon EKS Connector:

  • You should have administrative privileges on the Kubernetes cluster to connect it to Amazon EKS.
  • Before connecting, the cluster must have Linux worker nodes present. ARM worker nodes aren't supported.
  • Worker nodes in your cluster must have outbound access to the ssm. and ssmmessages Systems Manager endpoints.
  • Up to 10 clusters can be connected by default. The service quota console can be used to request an increase.
  • For external Kubernetes clusters, only the Amazon EKS RegisterCluster, ListClusters, DescribeCluster, and DeregisterCluster API actions are supported.
  • The following permissions are needed to register a cluster:
      1. eks:RegisterCluster
      2. ssm:CreateActivation
      3. ssm:DeleteActivation
      4. iam:PassRole
  • The following permissions are needed to deregister a cluster:
      1. eks:DeregisterCluster
      2. ssm:DeleteActivation
      3. ssm:DeregisterManagedInstance
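
An added example, not from the article or from AWS: a small Python check that compares an IAM identity policy with the register and deregister actions listed above, and flags wildcard grants and an iam:PassRole that is not scoped to a role. The sample policies, account ID and role name are constructed placeholders, and the check reads only Allow statements.

```python
import fnmatch

# Actions the article lists for each operation.
REQUIRED = {
    "register": {"eks:RegisterCluster", "ssm:CreateActivation",
                 "ssm:DeleteActivation", "iam:PassRole"},
    "deregister": {"eks:DeregisterCluster", "ssm:DeleteActivation",
                   "ssm:DeregisterManagedInstance"},
}

def _as_list(value):
    """IAM lets Action/Resource/Statement be a single value or a list."""
    return value if isinstance(value, list) else [value]

def audit_policy(policy, operation):
    """Return (missing_actions, findings). Simplification: only Allow
    statements with Action are read; Deny, NotAction, conditions and
    permission boundaries are not evaluated."""
    needed = REQUIRED[operation]
    granted, findings = set(), []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or "Action" not in stmt:
            continue
        resources = _as_list(stmt.get("Resource", []))
        for pattern in _as_list(stmt["Action"]):
            # IAM action names are case-insensitive and accept * and ? wildcards.
            hits = {a for a in needed if fnmatch.fnmatchcase(a.lower(), pattern.lower())}
            granted |= hits
            if hits and ("*" in pattern or "?" in pattern):
                findings.append(f"wildcard action {pattern} is broader than needed")
            if "iam:PassRole" in hits and "*" in resources:
                findings.append("iam:PassRole on Resource * is not scoped to the agent role")
    return sorted(needed - granted), findings

# Constructed sample policies; the account ID and role name are placeholders.
AGENT_ROLE_ARN = "arn:aws:iam::111122223333:role/EXAMPLE-eks-connector-agent"
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["eks:RegisterCluster", "ssm:CreateActivation", "ssm:DeleteActivation"]},
    {"Effect": "Allow", "Action": "iam:PassRole", "Resource": AGENT_ROLE_ARN},
]}
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["eks:*", "ssm:CreateActivation", "iam:PassRole"]},
]}

if __name__ == "__main__":
    for name, doc in (("SCOPED", SCOPED), ("BROAD", BROAD)):
        print(name, audit_policy(doc, "register"))
```

The BROAD policy comes back with ssm:DeleteActivation missing and two findings, which shows that a wide grant can still fail registration cleanup while giving away more than the connector needs.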

Required IAM roles for Amazon EKS Connector

The following two roles are required for using the Amazon EKS Connector.

  • The Amazon EKS Connector service-linked role, which is created when you register the cluster.
  • The Amazon EKS Connector agent IAM role, which has to be created manually.

To grant another user permission to view the cluster and its workloads, you must apply the eks-connector and Amazon EKS Connector cluster roles to your cluster.

Thanks for reading my article till the end. I hope you learned something special today. If you enjoyed this article, please share it with your friends, and if you have suggestions or thoughts to share with me, please write them in the comment box.
