eks-security-workshop-prep

CLI commands to run before EKS Security workshop on eksworkshop.com

Install kubectl

sudo curl --silent --location -o /usr/local/bin/kubectl \
   https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/linux/amd64/kubectl

sudo chmod +x /usr/local/bin/kubectl

Enable kubectl bash_completion

kubectl completion bash >>  ~/.bash_completion
. /etc/profile.d/bash_completion.sh
. ~/.bash_completion

Update awscli

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
alias aws=/usr/local/bin/aws

Install jq, envsubst (from GNU gettext utilities) and bash-completion

sudo yum -y install jq gettext bash-completion moreutils

Install eksctl

curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp

sudo mv -v /tmp/eksctl /usr/local/bin

Disabling AWS managed temporary credentials:

aws cloud9 update-environment  --environment-id $C9_PID --managed-credentials-action DISABLE
rm -vf ${HOME}/.aws/credentials

Initialize env vars

export ACCOUNT_ID=$(aws sts get-caller-identity --output text --query Account)
export AWS_REGION=$(curl -s 169.254.169.254/latest/dynamic/instance-identity/document | jq -r '.region')
export AZS=($(aws ec2 describe-availability-zones --query 'AvailabilityZones[].ZoneName' --output text --region $AWS_REGION))
echo "export ACCOUNT_ID=${ACCOUNT_ID}" | tee -a ~/.bash_profile
echo "export AWS_REGION=${AWS_REGION}" | tee -a ~/.bash_profile
echo "export AZS=(${AZS[@]})" | tee -a ~/.bash_profile
aws configure set default.region ${AWS_REGION}
aws configure get default.region

Verify IAM role

aws sts get-caller-identity --query Arn | grep eksworkshop-admin -q && echo "IAM role valid" || echo "IAM role NOT valid"

Install helm

curl -sSL https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash

Update kube config

aws eks update-kubeconfig --region us-east-2 --name eksworkshop-eksctl

Install Calico

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/master/config/master/calico-operator.yaml
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/master/config/master/calico-crs.yaml
kubectl get daemonset calico-node --namespace=calico-system

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

eks-security-workshop-prep

Install kubectl

Enable kubectl bash_completion

Update awscli

Install jq, envsubst (from GNU gettext utilities) and bash-completion

Install eksctl

Disabling AWS managed temporary credentials:

Initialize env vars

Verify IAM role

Install helm

Update kube config

Install Calico

About

Uh oh!

Releases

Packages

edwardrackspace/eks-security-workshop-prep

Folders and files

Latest commit

History

Repository files navigation

eks-security-workshop-prep

Install kubectl

Enable kubectl bash_completion

Update awscli

Install jq, envsubst (from GNU gettext utilities) and bash-completion

Install eksctl

Disabling AWS managed temporary credentials:

Initialize env vars

Verify IAM role

Install helm

Update kube config

Install Calico

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Packages