EKS Provider

​

Authentication

• region: AWS region where the EKS cluster is located (required: True, sensitive: False)
• cluster_name: Name of the EKS cluster (required: True, sensitive: False)
• access_key: AWS access key (Leave empty if using IAM role at EC2) (required: False, sensitive: True)
• secret_access_key: AWS secret access key (Leave empty if using IAM role at EC2) (required: False, sensitive: True)

• eks:DescribeCluster: Required to get cluster information (mandatory) (Documentation)
• eks:ListClusters: Required to list available clusters (mandatory) (Documentation)
• pods:delete: Required to delete/restart pods (Documentation)
• deployments:scale: Required to scale deployments (Documentation)
• pods:list: Required to list pods (Documentation)
• pods:get: Required to get pod details (Documentation)
• pods:logs: Required to get pod logs (Documentation)

​

In workflows

steps:
    - name: Query eks
      provider: eks
      config: "{{ provider.my_provider_name }}"
      with:
        command_type: {value}  # Type of query to execute
        # Additional arguments for the query

• eks_advanced.yml
• eks_basic.yml

​

Provider Methods

• get_pods List all pods in a namespace or across all namespaces (view, scopes: pods:list, pods:get)
  • namespace: The namespace to list pods from. If None, lists pods from all namespaces.
• get_pvc List all PVCs in a namespace or across all namespaces (view, scopes: pods:list)
  • namespace: The namespace to list pods from. If None, lists pods from all namespaces.
• get_node_pressure Get pressure metrics for all nodes (view, scopes: pods:list)
• exec_command Execute a command in a pod (action, scopes: pods:exec)
  • namespace: Namespace of the pod
  • pod_name: Name of the pod
  • command: Command to execute (string or array)
  • container: Name of the container (optional, defaults to first container)
• restart_pod Restart a pod by deleting it (action, scopes: pods:delete)
  • namespace: Namespace of the pod
  • pod_name: Name of the pod
• get_deployment Get deployment information (view, scopes: pods:list)
  • deployment_name: Name of the deployment to get
  • namespace: Target namespace (defaults to “default”)
• scale_deployment Scale a deployment to specified replicas (action, scopes: deployments:scale)
  • deployment_name: Name of the deployment to get
  • namespace: Target namespace (defaults to “default”)
  • replicas: Number of replicas to scale to
• get_pod_logs Get logs from a pod (view, scopes: pods:logs)
  • namespace: Namespace of the pod
  • pod_name: Name of the pod
  • container: Name of the container (optional)
  • tail_lines: Number of lines to fetch from the end of logs (default: 100)

​

Connecting with the Provider

1. Log in to your AWS Console
2. Create an IAM user with EKS permissions:

aws iam create-user --user-name eks-user

3. Attach required policies:

aws iam attach-user-policy --user-name eks-user --policy-arn arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
aws iam attach-user-policy --user-name eks-user --policy-arn arn:aws:iam::aws:policy/AmazonEKSServicePolicy

4. Create access keys

aws iam create-access-key --user-name eks-user

{
  "AccessKey": {
    "AccessKeyId": "AKIAXXXXXXXXXXXXXXXX",
    "SecretAccessKey": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "Status": "Active"
  }
}

5. Note your cluster name and region from the EKS console or using:

aws eks list-clusters --region <your-region>

​

Required Permissions

1. eks:DescribeCluster
2. eks:ListClusters

3. eks:AccessKubernetesApi for pod/deployment operations
4. eks:UpdateCluster for scaling operations