| agent: |
- 1GbdUdMkQ7VRP2NTYR1eySet up AWS CLI and configure it with the necessary credentials and region us-west-2
1
Set up AWS CLI and configure it with the necessary credentials and region us-west-2
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.This script sets up AWS CLI with the necessary credentials and configures the default region to us-west-2.
inputsoutputsimport os # Set AWS credentials and default region aws_access_key_id = getEnvVar('AWS_ACCESS_KEY_ID') aws_secret_access_key = getEnvVar('AWS_SECRET_ACCESS_KEY') region = region # Configure AWS CLI os.system(f'aws configure set aws_access_key_id {aws_access_key_id}') os.system(f'aws configure set aws_secret_access_key {aws_secret_access_key}') os.system(f'aws configure set default.region {region}') print('AWS CLI configured with region:', region)copied1 - 2kIYpsCx57bUkSIrNvCSYCreate an IAM role with the necessary permissions for EKS and attach it to the EC2 instances
2
Create an IAM role with the necessary permissions for EKS and attach it to the EC2 instances
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.This script creates an IAM role with the necessary permissions for EKS and attaches it to EC2 instances.
inputsoutputsimport boto3 import json # Define role and instance profile names # role_name = "MyEKSClusterRole" instance_profile_name = f"{role_name}-InstanceProfile" # Policy ARNs eks_cluster_policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy" # Custom inline policy custom_policy_document = { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "iam:ListRoles", "eks:*" ], "Resource": "*" } ] } # Updated trust policy for both EC2 and EKS trust_policy = { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "ec2.amazonaws.com", "eks.amazonaws.com" ] }, "Action": "sts:AssumeRole" } ] } # Initialize session and client session = boto3.Session( aws_access_key_id=getEnvVar('AWS_ACCESS_KEY_ID'), aws_secret_access_key=getEnvVar('AWS_SECRET_ACCESS_KEY') ) iam_client = session.client('iam') # Create the IAM Role role_response = iam_client.create_role( RoleName=role_name, AssumeRolePolicyDocument=json.dumps(trust_policy), Description="EKS Cluster Role with EC2 and EKS trust" ) role_arn = role_response['Role']['Arn'] # Attach AWS managed policy iam_client.attach_role_policy( RoleName=role_name, PolicyArn=eks_cluster_policy_arn ) # Attach custom inline policy iam_client.put_role_policy( RoleName=role_name, PolicyName="EKSCustomPolicy", PolicyDocument=json.dumps(custom_policy_document) ) # Create instance profile if it doesn't exist try: iam_client.create_instance_profile( InstanceProfileName=instance_profile_name ) print(f"Created instance profile: {instance_profile_name}") except iam_client.exceptions.EntityAlreadyExistsException: print(f"Instance profile {instance_profile_name} already exists.") # Add role to instance profile iam_client.add_role_to_instance_profile( InstanceProfileName=instance_profile_name, RoleName=role_name ) print('Role ARN:', role_arn)copied2 - 3p4r1jjCNaqoP2IR7xMcDCreate AWS IAM Role for EKS Worker nodes
3
Create AWS IAM Role for EKS Worker nodes
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.inputsoutputsimport boto3 import time # Initialize session and IAM client session = boto3.Session( aws_access_key_id=getEnvVar('AWS_ACCESS_KEY_ID'), aws_secret_access_key=getEnvVar('AWS_SECRET_ACCESS_KEY') ) iam_client = session.client('iam') # Set role and instance profile names #worker_role_name = "EKSWORKERNODEROLE" instance_profile_name = worker_role_name + "-InstanceProfile" # 1. Trust policy so EC2 instances can assume the role trust_policy = { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "ec2.amazonaws.com", "eks.amazonaws.com" ] }, "Action": "sts:AssumeRole" } ] } # 2. Create the IAM role try: role_response = iam_client.create_role( RoleName=worker_role_name, AssumeRolePolicyDocument=json.dumps(trust_policy), Description="EKS Worker Node Role" ) print(f" Created role: {worker_role_name}") except iam_client.exceptions.EntityAlreadyExistsException: print(f" Role {worker_role_name} already exists.") role_response = iam_client.get_role(RoleName=worker_role_name) role_arn = role_response['Role']['Arn'] # 3. Attach required managed policies managed_policies = [ "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly", "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy", "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy" ] for policy_arn in managed_policies: iam_client.attach_role_policy(RoleName=worker_role_name, PolicyArn=policy_arn) print(f" Attached policy: {policy_arn}") # 4. Create instance profile and attach role try: iam_client.create_instance_profile(InstanceProfileName=instance_profile_name) print(f" Created instance profile: {instance_profile_name}") except iam_client.exceptions.EntityAlreadyExistsException: print(f" Instance profile {instance_profile_name} already exists.") # Add role to instance profile (wait to ensure profile is ready) time.sleep(5) try: iam_client.add_role_to_instance_profile( InstanceProfileName=instance_profile_name, RoleName=worker_role_name ) print(f" Added role to instance profile.") except iam_client.exceptions.LimitExceededException: print(" Role already associated with instance profile.") # Final output print(f" Role ARN: {role_arn}") worker_role_arn = role_arncopied3