Configure kubectl for Amazon EKS

To use the stock kubectl client for EKS you need to:

  • install the AWS IAM Authenticator for Kubernetes

  • modify your kubectl configuration file to use it for authentication


Other things that may be useful are:

  • helm – if you’re using Helm charts to manage your cluster in EKS
  • kubectl and awscli – goes without saying

E.g. check your aws cli version with:

aws --version and upgrade with pip install awscli --upgrade --user

  • assume-role – if you’re using IAM roles

  • nice to have is fzf:


To update your kubeconfig use:

aws eks update-kubeconfig --name CLUSTER_NAME-eks --region REGION

You’ll need an up-to-date version of the awscli. E.g. 1.15.53 won’t cut it.


To assume role use:

eval $(assume-role <role-name>)


If you get:

it would be because you don’t have a profile in your ~/.aws/config

Your profile in ~/.aws/config should look like:


You should be able to run:

assume-role <role-name>

and see the assume role output.





To test you can access your EKS cluster, use:

kubectl get all -n kube-system

Or for none-system:

kubectl get all



Leave a Reply

Your email address will not be published. Required fields are marked *