Gitlab - Terraform -EKS Deployment Images & Commands
Gitlab & Terraform Commands & Images
aws eks update-kubeconfig --region us-east-1 --name express-app-production-eks kubectl get nodes kubectl create serviceaccount aws-load-balancer-controller -n kube-system kubectl annotate serviceaccount aws-load-balancer-controller -n kube-system eks.amazonaws.com/role-arn=arn:aws:iam::435182297172:role/eksctl-express-app-production-eks-addon-iamse-Role kubectl describe serviceaccount aws-load-balancer-controller -n kube-system kubectl get deployment aws-load-balancer-controller -n kube-system kubectl logs -n kube-system deployment/aws-load-balancer-controller --tail=50Gitlab & Terraform Commands & Images
kubectl patch deployment aws-load-balancer-controller -n kube-system --type='json' -p='[{"op": "add","path":"/spec/template/spec/containers/0/args/-","value": "--feature-gates=NLBGatewayAPI=true,ALBGatewayAPI=true"}]'
kubectl logs -n kube-system deployment/aws-load-balancer-controller
kubectl get gateway express-gateway -n default
kubectl describe serviceaccount aws-load-balancer-controller -n kube-system
kubectl annotate serviceaccount aws-load-balancer-controller -n kube-system eks.amazonaws.com/role-arn=arn:aws:iam::435182297172:role/eksctl-express-app-production-eks-addon-iamse-Role
kubectl describe serviceaccount aws-load-balancer-controller -n kube-system
kubectl get gateway express-gateway -n default
kubectl logs -n kube-system -l app.kubernetes.io/name=aws-load-balancer-controller
kubectl get deployment aws-load-balancer-controller -n kube-system
kubectl get gateway express-gateway -n default
aws eks update-kubeconfig --region us-east-1 --name express-app-production-eks
kubectl get gateway express-gateway -n default
kubectl logs -n kube-system -l app.kubernetes.io/name=aws-load-balancer-controller
kubectl -n kube-system get deploy aws-load-balancer-controller -o wide
kubectl -n kube-system get pods -l app.kubernetes.io/name=aws-load-balancer-controller -o wide
kubectl -n kube-system describe deployment aws-load-balancer-controller
kubectl -n kube-system logs -l app.kubernetes.io/name=aws-load-balancer-controller --tail=200
kubectl -n kube-system get configmap aws-load-balancer-controller-leader -o yaml
kubectl -n kube-system get sa aws-load-balancer-controller -o yaml
kubectl -n kube-system get sa aws-load-balancer-controller -o=jsonpath='{.metadata.annotations}'
kubectl get events -n kube-system --sort-by='.lastTimestamp'
kubectl -n kube-system get deploy,pod -l app.kubernetes.io/name=aws-load-balancer-controller -o wide
kubectl -n kube-system logs -l app.kubernetes.io/name=aws-load-balancer-controller --tail=300
kubectl -n kube-system get sa aws-load-balancer-controller -o yaml
kubectl -n kube-system get configmap aws-load-balancer-controller-leader -o yaml
kubectl -n kube-system get events --sort-by='.lastTimestamp'
kubectl get gatewayclass.gateway.networking.k8s.io -A -o yaml
kubectl get gateways.gateway.networking.k8s.io -A -o wide
kubectl get httproute.gateway.networking.k8s.io -A -o wide
kubectl get ingressclass -A -o yaml
kubectl get ingress -A -o wide
kubectl get svc --all-namespaces -o wide
kubectl get svc -A -o yaml
kubectl -n kube-system logs -l app.kubernetes.io/name=aws-load-balancer-controller --tail=600
kubectl -n kube-system get sa aws-load-balancer-controller -o yaml
kubectl get events -n default --sort-by='.lastTimestamp'
aws elbv2 describe-load-balancers --query 'LoadBalancers[*].[LoadBalancerArn,LoadBalancerName,Scheme,Type,State]' --output table
kubectl apply -f lb-test-svc.yaml
Gitlab & Terraform Commands & Images
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Federated": "arn:aws:iam::435182297172:oidc-provider/oidc.eks.ap-south-1.amazonaws.com/id/FA5DB1F4F3154F6F3B9F2252DB62716A"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"oidc.eks.ap-south-1.amazonaws.com/id/FA5DB1F4F3154F6F3B9F2252DB62716A:sub": "system:serviceaccount:kube-system:aws-load-balancer-controller",
"oidc.eks.ap-south-1.amazonaws.com/id/FA5DB1F4F3154F6F3B9F2252DB62716A:aud": "sts.amazonaws.com"
}
}
}
]
}
Gitlab & Terraform Commands & Images
C:\Users\Kishore>aws eks list-access-entries --cluster-name express-app-production-eks --region ap-south-1
{
"accessEntries": [
"arn:aws:iam::435182297172:role/aws-service-role/eks.amazonaws.com/AWSServiceRoleForAmazonEKS",
"arn:aws:iam::435182297172:role/general-node-group-eks-node-group-20251109072634569400000003",
"arn:aws:iam::435182297172:role/gitlab-ci-role",
"arn:aws:iam::435182297172:user/mohanmaplas3access"
]
}
C:\Users\Kishore>aws eks list-access-entries --cluster-name express-app-production-eks --region ap-south-1
{
"accessEntries": [
"arn:aws:iam::435182297172:role/aws-service-role/eks.amazonaws.com/AWSServiceRoleForAmazonEKS",
"arn:aws:iam::435182297172:role/general-node-group-eks-node-group-20251109072634569400000003",
"arn:aws:iam::435182297172:role/gitlab-ci-role",
"arn:aws:iam::435182297172:user/mohanmaplas3access"
]
}
C:\Users\Kishore>aws eks describe-access-entry --cluster-name express-app-production-eks --principal-arn arn:aws:iam::435182297172:role/gitlab-ci-role --region ap-south-1
{
"accessEntry": {
"clusterName": "express-app-production-eks",
"principalArn": "arn:aws:iam::435182297172:role/gitlab-ci-role",
"kubernetesGroups": [],
"accessEntryArn": "arn:aws:eks:ap-south-1:435182297172:access-entry/express-app-production-eks/role/435182297172/gitlab-ci-role/8acd33c5-f55d-c12a-a506-c98f9364118f",
"createdAt": "2025-11-09T13:06:54.348000+05:30",
"modifiedAt": "2025-11-09T13:06:54.348000+05:30",
"tags": {
"Project": "express-app",
"Environment": "production",
"ManagedBy": "Terraform"
},
"username": "arn:aws:sts::435182297172:assumed-role/gitlab-ci-role/{{SessionName}}",
"type": "STANDARD"
}
}
C:\Users\Kishore>kubectl get nodes
'kubectl' is not recognized as an internal or external command,
operable program or batch file.
C:\Users\Kishore>aws eks describe-access-entry --cluster-name express-app-production-eks --principal-arn arn:aws:iam::435182297172:role/gitlab-ci-role --region ap-south-1
{
"accessEntry": {
"clusterName": "express-app-production-eks",
"principalArn": "arn:aws:iam::435182297172:role/gitlab-ci-role",
"kubernetesGroups": [],
"accessEntryArn": "arn:aws:eks:ap-south-1:435182297172:access-entry/express-app-production-eks/role/435182297172/gitlab-ci-role/34cd3400-778d-7882-3d8e-f000f5df8008",
"createdAt": "2025-11-09T15:14:43.510000+05:30",
"modifiedAt": "2025-11-09T15:14:43.510000+05:30",
"tags": {
"Project": "express-app",
"Environment": "production",
"ManagedBy": "Terraform"
},
"username": "arn:aws:sts::435182297172:assumed-role/gitlab-ci-role/{{SessionName}}",
"type": "STANDARD"
}
}
C:\Users\Kishore>aws eks list-access-entries --cluster-name express-app-production-eks --region ap-south-1
{
"accessEntries": [
"arn:aws:iam::435182297172:role/aws-service-role/eks.amazonaws.com/AWSServiceRoleForAmazonEKS",
"arn:aws:iam::435182297172:role/general-node-group-eks-node-group-20251109093420221100000002",
"arn:aws:iam::435182297172:role/gitlab-ci-role",
"arn:aws:iam::435182297172:root",
"arn:aws:iam::435182297172:user/mohanmaplas3access"
]
}
C:\Users\Kishore>
Need to fix this -> aws iam create-role --role-name gitlab-ci-role --assume-role-policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":"arn:aws:iam::435182297172:root"},"Action":"sts:AssumeRole"}]}'