Unable to get aws-iam-authenticator in config-map while applying through AWS CodeBuild

5/14/2019

I am making CICD pipeline, using AWS CodeBuild to build and deploy application(service) to aws eks cluster. I have installed kubectl and aws-iam-authenticator properly, getting aws instead of aws-iam-authenticator in command

kind: Config 
preferences: {} 
users: 
- name: arn:aws:eks:ap-south-1:*******:cluster/DevCluster 
user: 
exec: 
apiVersion: client.authentication.k8s.io/v1alpha1 
args: 
- eks 
- get-token 
- --cluster-name 
- DevCluster 

command: aws

env: null 

[Container] 2019/05/14 04:32:09 Running command kubectl get svc  error: the server doesn't have a resource type "svc"

I donot want to edit configmap manually because it comes through pipeline.

-- Priya Rani
amazon-web-services
aws-eks
kubectl
kubernetes

2 Answers

5/14/2019

Why you don't just load a proper/dedicated kube config file, by setting KUBECONFIG env variable inside your CICD pipeline, like this:

export KUBECONFIG=$KUBECONFIG:~/.kube/config-devel

which would include a right command to use with aws-iam-authenticator:

#
#config-devel
#
...
kind: Config
preferences: {}
users:
- name: aws
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1alpha1
      command: aws-iam-authenticator
      args:
        - "token"
        - "-i"
        - "<cluster-name>"
-- Nepomucen
Source: StackOverflow

6/6/2019

As @Priya Rani said in the comments, he found the solution.

There is no issue with configmap file. Its all right.

1) I need to make Cloudformation (cluster+nodeinstance)trusted role to communicate with Codebuild by editing trusted role.

2) Need to add usedata section to communicate node instance with clusters.

-- Black_Bacardi
Source: StackOverflow