-
Notifications
You must be signed in to change notification settings - Fork 249
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Missing EKS get-token #980
Comments
I think that's a custom function exclusive to the CLI. Code here: https://github.com/aws/aws-cli/blob/00a26836b824deb9a07c8b9d06ddfddec084cafc/awscli/customizations/eks/get_token.py#L222 |
Oh. Awesome. Thanks! |
|
If anyone comes across this and is looking for the implementation: pub fn generate_token<'a>(
region: &Region,
headers: impl Iterator<Item = (&'a str, &'a str)>,
credentials: &Credentials,
duration: Option<Duration>,
time: Option<SystemTime>,
) -> Result<String, SigningError> {
let expiration = credentials.expiry();
let region = region.to_string();
let identity = Identity::new(credentials.clone(), expiration);
let mut signing_settings = SigningSettings::default();
signing_settings.signature_location = SignatureLocation::QueryParams;
signing_settings.expires_in = duration.or(Some(Duration::from_secs(60))); // 1 minute
let signing_params = aws_sigv4::sign::v4::SigningParams::builder()
.identity(&identity)
.region(®ion)
.name("sts")
.time(time.unwrap_or(SystemTime::now()))
.settings(signing_settings)
.build()
.unwrap();
// Convert the HTTP request into a signable request
let url =
format!("https://sts.{region}.amazonaws.com/?Action=GetCallerIdentity&Version=2011-06-15");
let signable_request =
SignableRequest::new("GET", url.clone(), headers, SignableBody::Bytes(&[]))
.expect("signable request");
let (signing_instructions, _signature) = aws_sigv4::http_request::sign(
signable_request,
&aws_sigv4::http_request::SigningParams::V4(signing_params),
)?
.into_parts();
let mut my_req = Request::builder().uri(url).body(()).unwrap();
signing_instructions.apply_to_request_http0x(&mut my_req);
let uri = my_req.uri().to_string();
Ok(format!("k8s-aws-v1.{}", encode(uri)))
} |
Any idea how it should look like next part where you actually use this token? |
I use:
with something like:
|
thank you so much for your quick response! |
Describe the feature
the
aws_sdk_eks
crate appears to be missing theget-token
call.https://docs.aws.amazon.com/cli/latest/reference/eks/get-token.html
Use Case
Get-Token is needed to auth into EKS clusters: https://docs.aws.amazon.com/eks/latest/userguide/create-kubeconfig.html
Proposed Solution
No response
Other Information
No response
Acknowledgements
A note for the community
Community Note
The text was updated successfully, but these errors were encountered: