Add Amazon (AWS) EKS clusters

Lens Desktop supports access to Amazon Elastic Kubernetes Service (Amazon EKS or AWS EKS) clusters.

To access your AWS EKS clusters, select one of the following options:

• Add clusters using One-Click AWS EKS integration

  This feature is available for paid subscription users and allows you to connect to EKS clusters through the One-Click AWS EKS integration without installing and configuring AWS CLI.

• Add clusters through AWS CLI

  Organization policies, network parameters, or personal preferences may require you to use AWS CLI to access AWS EKS clusters. You can also use AWS CLI as a backup way to access your clusters. Select one of the following options:

  • Automatically detect AWS EKS clusters with AWS CLI

    If you already have AWS CLI installed and configured, Lens Desktop will detect and display available clusters. However, it requires staying logged into your AWS profile.

  • Manually update local kubeconfig file

    You can update your kubeconfig file using AWS CLI, and then continue working with EKS clusters locally.

Info

Although logging in your AWS profile might work without a VPN connection, connecting to an AWS EKS cluster itself may require one. This depends on the network policies of your organization. Contact your network administrators to determine whether a VPN connection is necessary.

Add clusters using One-Click AWS EKS integration

Lens premium subscription feature. See details on Lens Pricing.

1. In Kubernetes Clusters > EKS, click Add AWS Profile and select Sign in with AWS SSO to access AWS using your company profile.

2. Paste your AWS SSO Start URL into the input field and click Next.

   Tip

   The AWS SSO Start URL has the following format:

   https://<sso-portal>.awsapps.com/start
   

   Find AWS SSO Start URL in your AWS access portal, or contact an AWS administrator of your organization account.

3. In the Add AWS Profile modal, memorize the authorization code and click Open in browser. If you are not logged into your AWS account, a browser tab opens with a sign in form.

4. In the browser tab, verify that the displayed code matches the one from the previous step, and click Confirm and continue. Complete the remaining steps and return to Lens Desktop.
5. In the Add AWS Profile modal, select the AWS profile.
6. Optional. If there are multiple IAM roles in your profile, select one that you are going to use.

After completing these steps, Lens Desktop displays available EKS clusters from your AWS profile.

In the video below, you can watch the integration process:

Add clusters through AWS CLI

With properly installed and configured AWS CLI, you can detect EKS clusters or update local kubeconfig file.

Some cases in which you might need to integrate your Amazon EKS clusters through AWS CLI:

• SSO Authentication Issues

  Firewall, VPN, or proxy restrictions might block the AWS SSO login flow.

• Corporate Policies

  Organization restrictions or the use of AWS IAM Identity Center (SSO).

• Legacy or Custom Environments

  Manual kubeconfig management requirements due to custom authentication or network setups.

• User Preferences

  Personal user preferences regarding control over kubeconfig files or the use of external automated scripts.

Prerequisites

To add an AWS EKS cluster to Lens Desktop, you need to install and configure AWS CLI. See Get started with AWS CLI and Configuration and credential file settings for details.

Automatically detect AWS EKS clusters with AWS CLI

To detect your clusters automatically, you need to have the AWS CLI tool configured to the AWS profiles corresponding to your clusters. In this scenario, Lens Desktop detects available AWS EKS clusters in Kubernetes Clusters >AWS EKS. However, this way requires you to stay logged in to AWS, as Lens Desktop relies on the active AWS session to access the profiles configured in AWS CLI. It enables Lens Desktop to access the available clusters from the AWS profiles. If you are logged out of AWS CLI, Lens Desktop displays the lock icon next to each profile signalling that authentication is required. Click the icon to log into the AWS system from Lens Desktop, or log in from AWS CLI.

Manually update local kubeconfig file

To update your local kubeconfig file, use the aws eks update-kubeconfig AWS CLI utility. The config file gets the AWS EKS cluster configurations, which enables Lens Desktop to discover the cluster similarly to kubectl. In this case, you can access your cluster at Kubernetes Clusters > Local Kubeconfigs.

To add an AWS EKS cluster:

1. Required only at the initial session. Configure the AWS SSO session:

   aws configure sso
   SSO session name (Recommended): <sso-name>
   SSO start URL [None]: https://<sso-portal>.awsapps.com/start
   SSO region [None]: <region-name>
   

   If the parameters are specified correctly, an SSO authentication page opens to confirm that the request has been approved. After returning to the CLI tool, if you have multiple AWS accounts, select the one that corresponds to the target cluster.

2. Start the AWS SSO session:

   aws sso login
   

   An SSO authentication page opens to confirm that the request has been approved. After returning to the CLI tool, if you have several AWS accounts, select the one that corresponds to the target cluster.

3. Update your local kubeconfig file:

   Info

   As the AWS account region and the cluster region may differ, specify the region that corresponds to the cluster.

   aws eks --region <region-name> update-kubeconfig --name <cluster-name>
   

4. Check if kubeconfig file has been updated:

   kubectl config get-contexts
   

   System response example:

   CURRENT   NAME                                                                 CLUSTER                                                              AUTHINFO                                                             NAMESPACE
             aks-lens-cluster                                                     aks-lens-cluster                                                     clusterUser_aks-lens-resource-group_aks-lens-cluster
   *         arn:aws:eks:eu-north-1:841310725496:cluster/exciting-classical-ant   arn:aws:eks:eu-north-1:841310725496:cluster/exciting-classical-ant   arn:aws:eks:eu-north-1:841310725496:cluster/exciting-classical-ant
             docker-desktop                                                       docker-desktop                                                       docker-desktop
   

5. Open Lens Desktop and check if the new cluster appears in Navigator > Local Kubeconfigs section.

---

See also

• Overview of Amazon Elastic Kubernetes Service

  What is Amazon EKS?

• First steps with AWS CLI

  Getting started with the AWS CLI

• An article about configuring AWS CLI to retrieve credentials to run AWS CLI commands

  Configuring IAM Identity Center authentication with the AWS CLI

• An article about organizing and storing credentials in config files

  Configuration and credential file settings for details.

• An example of creating a kubeconfig file for an Amazon EKS cluster

  Why can't I connect to my Amazon EKS cluster?

• An example of configuring Amazon EKS single sign-on

  A quick path to Amazon EKS single sign-on using AWS SSO