mykolasmith / eks-rbac-sso

This project forked from aws-samples/eks-rbac-sso

This repository has configuration files to set up an open-source tool named Okta AWS CLI Assume Role Tool (https://github.com/oktadeveloper/okta-aws-cli-assume-role) for SSO of AWS CLI with Kubernetes' kubectl and eksctl. Using these configuration files, you can create a Docker image named okta-eks-image with Okta AWS CLI Assume Role Tool (https://github.com/oktadeveloper/okta-aws-cli-assume-role), kubectl, and eksctl installed and configured.

License: MIT No Attribution

Dockerfile 23.65% Shell 76.35%

eks-rbac-sso's Introduction

Overview

You can follow these directions on the AWS Cloud9 IDE or macOS. Read the accompanying blog here: http:///blog.url

Clone this repository

Let's get started by cloning this repository.

mkdir -p ~/environment
cd ~/environment
git clone https://github.com/hnaqvi01/Okta-EKS.git

Build the docker image

cd ~/environment/Okta-EKS
docker build -t okta-eks-image .

Edit Okta properties file

Edit the okta_eks_role.properties file. You can use the Vim editor or your favorite editor.

cd ~/environment/Okta-EKS
vi okta_eks_role.properties

okta_eks_role.properties has several placeholders; replace them with valid values.

OKTA_ORG=dev-111111.okta.com
OKTA_AWS_APP_URL=https://dev-111111.okta.com/home/amazon_aws/1111aaa111/111
OKTA_USERNAME=<okta-username>
OKTA_AWS_ROLE_TO_ASSUME=arn:aws:iam::11111:role/OktaEKSRole
OKTA_AWS_REGION=us-west-2
OKTA_PROFILE=default

Run the docker image and connect to it

docker run -v ~/environment/Okta-EKS/okta_eks_role.properties:/root/.okta/config.properties -v /var/run/docker.sock:/var/run/docker.sock -v ~/environment/Okta-EKS/aftifacts/:/root/artifacts/ -it okta-eks-image /bin/bash

Verify okta-aws-cli-assume-role setup

The docker image okta-eks-image has okta-aws-cli-assume-role installed and configured. This open-source tool (https://github.com/oktadeveloper/okta-aws-cli-assume-role) creates a shell function named okta-aws. The function supports bash and fish, and it can run AWS CLI commands with Okta SSO. Let's verify its setup by getting the current AWS identity.

okta-aws default sts get-caller-identity

It will prompt you for your Okta password; the username will be pre-filled with the value you provided in the okta_eks_role.properties file. Enter your Okta password, and the response will be similar to this:

{
    "Account": "xxxxx", 
    "UserId": "sssssd:<okta-username>", 
    "Arn": "arn:aws:sts::xxxxxxx:assumed-role/OktaEKSRole/<okta-username>"
}

You are all set to use Okta SSO with kubectl. Read this blog for more details: http:///blog.url.
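The verification step above can be checked mechanically instead of by eye. This added example is not part of the repository: it compares the Arn returned by get-caller-identity with OKTA_AWS_ROLE_TO_ASSUME from the properties file. The function names are hypothetical, and the account ID and session name in demo are constructed sample values.

```bash
#!/usr/bin/env bash
# Added example (not from the repository): confirm that the identity returned by
# `okta-aws default sts get-caller-identity` is the role configured in
# okta_eks_role.properties. All function names here are hypothetical.

# prop_get FILE KEY -> prints the value of KEY (last occurrence wins)
prop_get() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 | tr -d '\r'
}

# expected_sts_prefix ROLE_ARN -> prints arn:aws:sts::<acct>:assumed-role/<name>/
expected_sts_prefix() {
  local acct name
  case "$1" in
    arn:aws:iam::*:role/?*) ;;
    *) return 1 ;;                 # not an IAM role ARN (or still a placeholder)
  esac
  acct=${1#arn:aws:iam::}; acct=${acct%%:*}
  name=${1##*/}                    # STS assumed-role ARNs omit any IAM role path
  printf 'arn:aws:sts::%s:assumed-role/%s/' "$acct" "$name"
}

# identity_matches PROPS_FILE IDENTITY_JSON
# returns 0 = match, 1 = different identity, 2 = unusable configuration
identity_matches() {
  local role prefix arn
  role=$(prop_get "$1" OKTA_AWS_ROLE_TO_ASSUME) || return 2
  prefix=$(expected_sts_prefix "$role") || return 2
  arn=$(printf '%s\n' "$2" | sed -n 's/.*"Arn"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p')
  case "$arn" in
    "$prefix"?*) return 0 ;;       # same account, same role, non-empty session name
    *) return 1 ;;
  esac
}

# demo: runs the check on constructed sample values (not real account data)
demo() {
  local f rc
  f=$(mktemp) || return 2
  printf 'OKTA_AWS_ROLE_TO_ASSUME=arn:aws:iam::111122223333:role/OktaEKSRole\n' > "$f"
  identity_matches "$f" '{"Arn": "arn:aws:sts::111122223333:assumed-role/OktaEKSRole/user"}'
  rc=$?
  rm -f "$f"
  return $rc
}
```

Inside the container, the call would be identity_matches /root/.okta/config.properties "$(okta-aws default sts get-caller-identity)"; a non-zero status means the session is not the role the properties file names.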
