random coder

Reputation: 31

SAML2AWS connecting to k8s issues

I use saml2aws with Okta authentication to access AWS from my local machine. I have added the k8s cluster config to my machine as well. While trying to connect to k8s, for example to list pods, a simple kubectl get pods returns an error:

[Errno 2] No such file or directory: '/var/run/secrets/eks.amazonaws.com/serviceaccount/token'
Unable to connect to the server: getting credentials: exec: executable aws failed with exit code 255

But if I do saml2aws exec kubectl get pods, I am able to fetch pods.

I don't understand whether the problem is with the storing of credentials, or where to even begin to understand the problem.

Any kind of help will be appreciated.

Upvotes: 3

Views: 4097

Answers (1)

Tamer Elfeky

Reputation: 138

To integrate saml2aws with Okta, you need to create a profile in saml2aws first.

  • Configure Profile
saml2aws configure \
  --skip-prompt \
  --mfa Auto \
  --region <region, ex us-east-2> \
  --profile <awscli_profile> \
  --idp-account <saml2aws_profile_name> \
  --idp-provider Okta \
  --username <your email> \
  --role arn:aws:iam::<account_id>:role/<aws_role_initial_assume> \
  --session-duration 28800 \
  --url "https://<company>.okta.com/home/amazon_aws/......."

URL, region ... can be obtained from the Okta integration UI.

  • Login
saml2aws login --idp-account <saml2aws_profile_name>

That should prompt you for your password and MFA, if it exists.

  • Verification
aws --profile=<awscli_profile> s3 ls

Then finally, just export AWS_PROFILE by

export AWS_PROFILE=<awscli_profile>

and use awscli directly

aws sts get-caller-identity

Upvotes: 4
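
A preflight check for the setup in the answer above, as an added example that is not part of the original post or of saml2aws itself: it lists why the aws exec plugin started by a bare kubectl call, which inherits the shell's environment, would fail to get credentials. It relies on the x_security_token_expires key that saml2aws writes to the credentials file; the function name preflight and the sample values are constructed, and the web-identity check is an assumption about one possible source of the token-file error in the question.

```python
import configparser
import os
import tempfile
from datetime import datetime, timezone

def _ini(path):
    p = configparser.ConfigParser(interpolation=None)  # tokens may contain '%'
    p.read(path)
    return p

def preflight(env, credentials_path, config_path, now=None):
    """List reasons the aws exec plugin run by a bare kubectl would fail."""
    now = now or datetime.now(timezone.utc)
    problems = []
    profile = env.get("AWS_PROFILE")
    if not profile:
        problems.append("AWS_PROFILE unset: aws uses the default credential chain")
        profile = "default"
    creds = _ini(credentials_path)
    if not creds.has_section(profile):
        problems.append(f"no [{profile}] in credentials file: run saml2aws login")
    else:
        # saml2aws stores the session expiry as an RFC 3339 timestamp
        raw = creds.get(profile, "x_security_token_expires", fallback=None)
        if raw:
            expiry = datetime.fromisoformat(raw.replace("Z", "+00:00"))
            if expiry.tzinfo is None:  # assumption: treat naive values as UTC
                expiry = expiry.replace(tzinfo=timezone.utc)
            if expiry <= now:
                problems.append(f"session for [{profile}] expired at {raw}")
    # Assumption: a web-identity token path (env var or profile key) pointing
    # at a missing file is one way to get a "No such file" error from aws.
    section = "default" if profile == "default" else f"profile {profile}"
    token = env.get("AWS_WEB_IDENTITY_TOKEN_FILE") or _ini(config_path).get(
        section, "web_identity_token_file", fallback=None)
    if token and not os.path.exists(token):
        problems.append(f"web identity token file missing: {token}")
    return problems

if __name__ == "__main__":
    # Constructed sample: an expired saml2aws session under profile "dev".
    d = tempfile.mkdtemp()
    cred, conf = os.path.join(d, "credentials"), os.path.join(d, "config")
    with open(cred, "w") as f:
        f.write("[dev]\naws_access_key_id = AKIAEXAMPLE\n"
                "x_security_token_expires = 2020-01-01T00:00:00Z\n")
    open(conf, "w").close()
    for env in ({}, {"AWS_PROFILE": "dev"}):
        print(env, "->", preflight(env, cred, conf))
```

Pass it dict(os.environ) with the real ~/.aws/credentials and ~/.aws/config paths; an empty list means the profile selected by AWS_PROFILE has an unexpired saml2aws session.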
