6 - Tenant and Admin Just-In-Time (JIT) AWS Access

Using JIT to access the AWS Portal from DuploCloud

JIT Access from the DuploCloud Portal

Navigate to User -> Profile to view options for obtaining JIT credentials with the JIT AWS Console button.

This method uses Tenant-level AWS permissions.

The JIT AWS Console button on the Profile page

CLI

DuploCloud uses duplo-jit to access the CLI. You can use duplo-jit to retrieve Tenant-scoped temporary credentials.

Documentation for installation and setup can be found here.

Accessing the AWS CLI for Admin and Tenant Scopes

[profile duplo-prod]
region=us-west-2
credential_process=duplo-jit aws --admin --host https://prod.duplocloud.net --interactive
[profile test-04]
region=us-west-2
credential_process=duplo-jit aws -tenant devab01 --host https://test04.duplocloud.net --interactive

Accessing Kubectl

Administrators can obtain a cluster-wide kubeconfig file by navigating to Administrator -> Infrastructure.

Select the Infrastructure, and in the EKS tab, click the Download Kube Config button.

The kubeconfig file downloaded from DuploCloud

Last updated

Was this helpful?