To install these command line interfaces on your Mac OS X, use Homebrew.
brew install awscli
Next, use Homebrew to install kubectl .
brew install kubernetes-cli
If you’re like most enterprises and your leveraging Okta, then you’ll need to install the aws-okta cli as well. Aws-okta will require you to setup your Two-Factor Authentication (2FA) as Okta will send push notifications asking for permission to execute commands on your cluster.
brew install aws-okta
Next, you’ll need to setup your AWS okta configuration for your profile. Your Okta administrator will need to provision you with the AWS App Embed URL from the General tab of the AWS application in your Okta org. You’ll navigate to ~/.aws/config, to set the aws_saml_url. Your Okta admin also should provision you with a profile. Your configuration in ~/.aws/config should end up looking like
[profile allcode-devops] aws_saml_url = home/amazon_aws/0oakkzcxxxxk5Dnvv0xx/272 role_arn = arn:aws:iam::557625315111:role/Allcode-Admin
To execute any aws-cli or kubectl command you will be required to use aws-okta like this:
aws-okta exec allcode-devops -- kubectl
This can be painful to type every time. Our recommendation setup an alias.
alias k8s-ac="aws-okta exec allcode-devops -- kubectl"
Alternatively, you can setup bash scripts. Remember the alias cannot be referenced in bash scripts. Below is an example of the contents of a bash script entitled get_pods.sh to get all of the available pods
aws-okta exec allcode-devops -- kubectl get pods
Invoking “get pods” will provide you with a list of all of the pods that are currently active in the cluster. You will use the name of the pod to invoke specific operations on a pod.
NAME READY STATUS RESTARTS AGE website-1560438000-95nvl 0/1 Completed 0 8h app-server-k68kt 0/1 Completed 0 2m45s rds-client-gkrlj 0/1 Completed 0 105s
To learn how to acquire bash access to one of your pods, read this blog post