Skip to main content

Crate kube_eks_config

Crate kube_eks_config 

Source
Expand description

§kube-eks-config

Helpers for building a kube_client::Client (or kube_client::Config) directly from an Amazon EKS cluster, without manually managing a kubeconfig file on disk.

§How it works

The crate calls the AWS EKS DescribeCluster API to retrieve the cluster’s HTTPS endpoint and certificate-authority data, then converts those values into the configuration structs used by kube_client. Authentication (bearer tokens) is intentionally omitted: EKS uses short-lived tokens obtained via aws eks get-token, IRSA, or EKS Pod Identity — none of which belong in a static config.

§Quick start

use kube_eks_config::{TryEksClusterExt, default_aws_client};

#[tokio::main]
async fn main() -> kube_client::Result<()> {
    // Credentials are loaded from the environment (see [`default_aws_client`])
    let aws = default_aws_client().await;

    // One call produces a ready-to-use Kubernetes client
    let client = aws.try_eks_kube_client("my-cluster").await?;
    let _ = client;
    Ok(())
}

§AWS credentials

default_aws_client resolves credentials via the standard AWS provider chain (highest priority first):

  1. Environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, …)
  2. AWS shared credentials / config files (~/.aws/credentials)
  3. Web identity / IRSA (AWS_WEB_IDENTITY_TOKEN_FILE + AWS_ROLE_ARN)
  4. Amazon EC2 / ECS instance metadata (IMDSv2)

Any custom aws_sdk_eks::Client can also be used directly with the TryEksClusterExt methods.

§Traits at a glance

TraitInputOutput
TryEksClusterExteks::Client + cluster namecluster / config / client
ToKubeConfigeks::types::Clusterkube_client::Config
IntoKubeconfigeks::types::Clusterkube_client::config::Kubeconfig

Traits§

IntoKubeconfig
Converts an eks::types::Cluster into a kube_client::config::Kubeconfig.
ToKubeConfig
Converts an eks::types::Cluster into a kube_client::Config.
TryEksClusterExt
Extension trait that adds EKS-aware helpers to aws_sdk_eks::Client.

Functions§

default_aws_client
Creates an aws_sdk_eks::Client from the default AWS credential chain.