A quick utility for finding and downloading kubeconfig files for all reachable EKS clusters.
This utility will download a kubeconfig file for all EKS clusters it can locate through all AWS
profiles in your ~/.aws/credentials file. It does as much as possible in parallel so overall
runtime is very small for the number of profiles and regions retrieved.
It will tolerate redundant profiles.
On MacOS: brew install clouddrove/kuconf
(if you happen to use brew on Linux, you can also use the above)
On Linux or Windows: Download the appropriate package from the latest release page.
kuconfThis will use every profile in your ~/.aws/credentials and download kubeconfig for every cluster located.
$ time kuconf
6:23PM ERR Error reaching AWS error="InvalidClientTokenId: The security token included in the request is invalid.\n\tstatus code: 403, request id: 921c04ea-ba2f-4613-8d6a-2d9ca2aa7a23" profile=test region=us-east-1
6:23PM INF Statistics clusters=5 fatal_errors=0 profiles=8 regions=17 unique_profiles=7 usable_profiles=7
kuconf 0.24s user 0.10s system 9% cpu 3.730 total
➜ grep -- "- context:" ~/.kube/config| wc -l
5Usage: kuconf
Download kubeconfigs in bulk by examining clusters across multiple profiles and regions
Flags:
-h, --help Show context-sensitive help.
--version Show program version
Input
-k, --kube-config="~/.kube/config" Kubeconfig file
-c, --credentials-file="~/.aws/credentials" AWS Credentials File
--regions=us-east-1,us-east-2,us-west-1,us-west-2,... List of regions to check ($AWS_REGIONS)
--profiles=PROFILES,... List of AWS profiles to use. Will discover profiles if not specified ($AWS_PROFILES)
Info
--debug Show debugging information
--output-format="auto" How to show program output (auto|terminal|jsonl)
--quiet Be less verbose than usual
Unless overridden, this program will try to use every profile found in ~/.aws/credentials. It is
NOT an error if the profile's initial session connection is rejected (i.e. you can have out-of-date profiles without causing problems). Any profile which cannot be used will be reported as an
error but will NOT impact the exit value of the run.
Profiles can be overridden by --profiles command line option or the AWS_PROFILES environment
variable.
By default it will fetch clusters from each of us-east-1, us-east-2, us-west-1, us-west-2, us-east-1, us-east-2, us-west-1, us-west-2,ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1.
The default regions can be overridden using the --regions command line option or the AWS_REGIONS
environment variable.
- If there are multiple profiles referencing the same account, which profile will be used is not deterministic. If these profiles have different IAM credentials, this can lead to permission errors either downloading the config or using the cluster. It could also lead to audit logging differences.
The author of Orignal Repo is Mr. Dewey Sasser, we truly appreciate his efforts and time in creating it.
If you come across a bug or have any feedback, please log it in our issue tracker, or feel free to drop us an email at [email protected].
If you have found it worth your time, go ahead and give us a ★ on our GitHub!
At CloudDrove, we offer expert guidance, implementation support and services to help organizations accelerate their journey to the cloud. Our services include docker and container orchestration, cloud migration and adoption, infrastructure automation, application modernization and remediation, and performance engineering.
We are The Cloud Experts!
We ❤️ Open Source and you can check out our other modules to get help with your new Cloud ideas.