Lens IDE for EKS cluster

I have a kubernetes cluster on AWS the EKS one.
I have SSO for my AWS account
Every time I have to export the creds on my terminal and then I can run the kubectl commands only on the same terminal.
How can I connect that cluster to Lens IDE

Hi @bonthusaireddy

I guess this is going to depend where you are running Lens from. I personally haven’t tried Lens, however there needs to be a route from wherever you have Lens installed to the API server’s endpoint.

If you are running it on your own workstation/laptop or whatever, then by default the EKS control plane is not going to be publicly visible so you won’t be able to get a connection. You would either

  1. Need a VPN or direct connect between you and the AWS VPC where EKS is deployed (not practical cost-wise except for a business).
  2. Deploy a workstation (Windows or Linux with desktop) inside your VPC such that it can see the EKS control plane and connect to that with RDP or VNC.

Hi @Alistair_KodeKloud

Thanks for the reply
That’s completely true my workspace is in the VPC and I am able to access the EKS cluster with my AWS SSO credentials.
But my problem is when I paste my AWS SSO credentials on the terminal I am only able to access the EKS cluster only on that particular terminal.
Since LENS does not use that terminal for connecting to AWS here is the problem.

Here I don’t have AWS iam credentials , the AWS SSO credentials which are temporary say like for 1 hour, I paste the AWS SSO credentials whenever I want to connect to AWS.

I am able to connect to EKS cluster on LENS with changing the ~/.aws/credentials file

But the problem here is everytime you need to modify this file.

I was looking for a better way to directly paste the credentials on LENS

I have asked this question here because here because LENS course is available on kokekloud


Yeah, there’s a lens course, but it is generic and doesn’t cover specifically onboarding an EKS cluster and certainly not with federation involved in SSO

There appear to be some articles that suggest you can craft a kubeconfig to invoke external programs like aws cli, eksctl or OIDC providers to aid in authentication - then you can mount the cluster from the kubeconfig

I think you’ll need to put the pieces together from the various bits and pieces on Google - and if you find a good working solution, maybe make a new post here on how you configured it.

It’s also going to depend on the federation you’re using (Active Directory, 3rd party OAuth like Okta, or native AWS SSO)