How to handle multiple AWS accounts in Kops?

6/25/2018

Can I pass AWS creds to Kops CLI or programmatically? How to handle multiple AWS accounts?

-- Punit Naik
amazon-web-services
kops
kubernetes

1 Answer

6/25/2018

You can redefine the KOPS_STATE_STORE environment variable to point to different s3 buckets in different aws accounts. You'll also have to export AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY variables for the given s3 bucket's account authorization.

To make the switch easier on yourself, do the following. Create two export var files, let's call them aws_cluster_acct_1.env and aws_cluster_acct_2.env.

aws_cluster_acct_1.env:

export AWS_ACCESS_KEY_ID=foo1

export AWS_SECRET_ACCESS_KEY=bar1

export KOPS_STATE_STORE=s3://aws-account-kops-bucket-1

aws_cluster_acct_2.env:

export AWS_ACCESS_KEY_ID=foo2

export AWS_SECRET_ACCESS_KEY=bar2

export KOPS_STATE_STORE=s3://aws-account-kops-bucket-2

Now when you want to switch between KOPS clusters in different AWS accounts, you can run either source aws_cluster_acct_1.env or source aws_cluster_acct_2.env and that will load up the appropriate environment variables for you to start doing stuff with either AWS account's KOPS clusters.

-- erstaples
Source: StackOverflow