🛠️ 開発・MCP コミュニティ
boto3-eks
Amazon EKSクラスタの構築やノードグループの管理、認証トークンの生成、Kubernetesクライアントとの連携などを、AWS Boto3 SDKを使って効率的に行うための自動化処理を支援するSkill。
📜 元の英語説明(参考)
AWS Boto3 SDK patterns for Amazon EKS cluster management, node groups, authentication tokens, and Kubernetes client integration. Use when working with EKS clusters, managing node groups, generating kubeconfig, creating authentication tokens, integrating Kubernetes Python client, managing Fargate profiles, or implementing IRSA authentication.
🇯🇵 日本人クリエイター向け解説
一言でいうと
Amazon EKSクラスタの構築やノードグループの管理、認証トークンの生成、Kubernetesクライアントとの連携などを、AWS Boto3 SDKを使って効率的に行うための自動化処理を支援するSkill。
※ jpskill.com 編集部が日本のビジネス現場向けに補足した解説です。Skill本体の挙動とは独立した参考情報です。
⚡ おすすめ: コマンド1行でインストール(60秒)
下記のコマンドをコピーしてターミナル(Mac/Linux)または PowerShell(Windows)に貼り付けてください。 ダウンロード → 解凍 → 配置まで全自動。
🍎 Mac / 🐧 Linux
mkdir -p ~/.claude/skills && cd ~/.claude/skills && curl -L -o boto3-eks.zip https://jpskill.com/download/9387.zip && unzip -o boto3-eks.zip && rm boto3-eks.zip
🪟 Windows (PowerShell)
$d = "$env:USERPROFILE\.claude\skills"; ni -Force -ItemType Directory $d | Out-Null; iwr https://jpskill.com/download/9387.zip -OutFile "$d\boto3-eks.zip"; Expand-Archive "$d\boto3-eks.zip" -DestinationPath $d -Force; ri "$d\boto3-eks.zip"完了後、Claude Code を再起動 → 普通に「動画プロンプト作って」のように話しかけるだけで自動発動します。
💾 手動でダウンロードしたい(コマンドが難しい人向け)
- 1. 下の青いボタンを押して
boto3-eks.zipをダウンロード - 2. ZIPファイルをダブルクリックで解凍 →
boto3-eksフォルダができる - 3. そのフォルダを
C:\Users\あなたの名前\.claude\skills\(Win)または~/.claude/skills/(Mac)へ移動 - 4. Claude Code を再起動
⚠️ ダウンロード・利用は自己責任でお願いします。当サイトは内容・動作・安全性について責任を負いません。
🎯 このSkillでできること
下記の説明文を読むと、このSkillがあなたに何をしてくれるかが分かります。Claudeにこの分野の依頼をすると、自動で発動します。
📦 インストール方法 (3ステップ)
- 1. 上の「ダウンロード」ボタンを押して .skill ファイルを取得
- 2. ファイル名の拡張子を .skill から .zip に変えて展開(macは自動展開可)
- 3. 展開してできたフォルダを、ホームフォルダの
.claude/skills/に置く- · macOS / Linux:
~/.claude/skills/ - · Windows:
%USERPROFILE%\.claude\skills\
- · macOS / Linux:
Claude Code を再起動すれば完了。「このSkillを使って…」と話しかけなくても、関連する依頼で自動的に呼び出されます。
詳しい使い方ガイドを見る →- 最終更新
- 2026-05-18
- 取得日時
- 2026-05-18
- 同梱ファイル
- 1
📖 Skill本文(日本語訳)
※ 原文(英語/中国語)を Gemini で日本語化したものです。Claude 自身は原文を読みます。誤訳がある場合は原文をご確認ください。
AWS Boto3 EKS 連携
AWS Boto3 SDK を使用して Amazon EKS クラスターを管理するための完全なパターン。Kubernetes クライアント統合のための認証トークン生成を含みます。
クイックリファレンス
クライアントの初期化
import boto3
from typing import Optional
def get_eks_client(region_name: str = 'us-east-1',
profile_name: Optional[str] = None):
"""Initialize EKS client with optional profile"""
session = boto3.Session(
region_name=region_name,
profile_name=profile_name
)
return session.client('eks')
# Usage
eks = get_eks_client(region_name='us-west-2')必須のクラスター操作
# Describe cluster
cluster = eks.describe_cluster(name='my-cluster')
print(f"Status: {cluster['cluster']['status']}")
print(f"Endpoint: {cluster['cluster']['endpoint']}")
print(f"Version: {cluster['cluster']['version']}")
# List clusters
clusters = eks.list_clusters()
for cluster_name in clusters['clusters']:
print(cluster_name)
# Check cluster status
waiter = eks.get_waiter('cluster_active')
waiter.wait(name='my-cluster')認証トークンの生成
import base64
from botocore.signers import RequestSigner
def get_eks_token(cluster_name: str, region_name: str = 'us-east-1') -> str:
"""Generate EKS authentication token (k8s-aws-v1.*)"""
session = boto3.Session(region_name=region_name)
client = session.client('sts')
service_id = client.meta.service_model.service_id
signer = RequestSigner(
service_id,
region_name,
'sts',
'v4',
session.get_credentials(),
session.events
)
params = {
'method': 'GET',
'url': f'https://sts.{region_name}.amazonaws.com/?Action=GetCallerIdentity&Version=2011-06-15',
'body': {},
'headers': {
'x-k8s-aws-id': cluster_name
},
'context': {}
}
signed_url = signer.generate_presigned_url(
params,
region_name=region_name,
expires_in=60,
operation_name=''
)
token = 'k8s-aws-v1.' + base64.urlsafe_b64encode(
signed_url.encode('utf-8')
).decode('utf-8').rstrip('=')
return token
# Usage with Kubernetes client
from kubernetes import client as k8s_client
token = get_eks_token('my-cluster', 'us-west-2')
configuration = k8s_client.Configuration()
configuration.host = cluster['cluster']['endpoint']
configuration.api_key = {"authorization": f"Bearer {token}"}
configuration.ssl_ca_cert = '/tmp/ca.crt' # Cluster CA certificateKubeconfig の生成
import yaml
from pathlib import Path
def generate_kubeconfig(cluster_name: str,
region_name: str,
output_path: str = '~/.kube/config') -> dict:
"""Generate kubeconfig for EKS cluster"""
eks = get_eks_client(region_name)
cluster_info = eks.describe_cluster(name=cluster_name)['cluster']
kubeconfig = {
'apiVersion': 'v1',
'kind': 'Config',
'clusters': [{
'cluster': {
'certificate-authority-data': cluster_info['certificateAuthority']['data'],
'server': cluster_info['endpoint']
},
'name': cluster_info['arn']
}],
'contexts': [{
'context': {
'cluster': cluster_info['arn'],
'user': cluster_info['arn']
},
'name': cluster_info['arn']
}],
'current-context': cluster_info['arn'],
'users': [{
'name': cluster_info['arn'],
'user': {
'exec': {
'apiVersion': 'client.authentication.k8s.io/v1beta1',
'command': 'aws',
'args': [
'eks',
'get-token',
'--cluster-name',
cluster_name,
'--region',
region_name
],
'env': None,
'interactiveMode': 'IfAvailable',
'provideClusterInfo': False
}
}
}]
}
# Write to file
output = Path(output_path).expanduser()
output.parent.mkdir(parents=True, exist_ok=True)
with output.open('w') as f:
yaml.dump(kubeconfig, f, default_flow_style=False)
return kubeconfigノードグループの管理
# List node groups
nodegroups = eks.list_nodegroups(clusterName='my-cluster')
for ng in nodegroups['nodegroups']:
print(ng)
# Describe node group
ng_info = eks.describe_nodegroup(
clusterName='my-cluster',
nodegroupName='my-nodegroup'
)
print(f"Status: {ng_info['nodegroup']['status']}")
print(f"Capacity: {ng_info['nodegroup']['scalingConfig']}")
# Update node group scaling
eks.update_nodegroup_config(
clusterName='my-cluster',
nodegroupName='my-nodegroup',
scalingConfig={
'minSize': 2,
'maxSize': 10,
'desiredSize': 4
}
)Fargate プロファイル
# List Fargate profiles
profiles = eks.list_fargate_profiles(clusterName='my-cluster')
# Describe Fargate profile
profile_info = eks.describe_fargate_profile(
clusterName='my-cluster',
fargateProfileName='my-fargate-profile'
)
print(f"Status: {profile_info['fargateProfile']['status']}")
print(f"Selectors: {profile_info['fargateProfile']['selectors']}")一般的なパターン
エラー処理
from botocore.exceptions import ClientError, BotoCoreError
try:
cluster = eks.describe_cluster(name='my-cluster')
except eks.exceptions.ResourceNotFoundException:
print("Cluster not found")
except ClientError as e:
error_code = e.response['Error']['Code']
if error_code == 'AccessDeniedException':
print("Insufficient permissions")
else:
print(f"AWS Error: {error_code}")
except BotoCoreError as e:
print(f"Connection err📜 原文 SKILL.md(Claudeが読む英語/中国語)を展開
AWS Boto3 EKS Integration
Complete patterns for managing Amazon EKS clusters using AWS Boto3 SDK, including authentication token generation for Kubernetes client integration.
Quick Reference
Client Initialization
import boto3
from typing import Optional
def get_eks_client(region_name: str = 'us-east-1',
profile_name: Optional[str] = None):
"""Initialize EKS client with optional profile"""
session = boto3.Session(
region_name=region_name,
profile_name=profile_name
)
return session.client('eks')
# Usage
eks = get_eks_client(region_name='us-west-2')Essential Cluster Operations
# Describe cluster
cluster = eks.describe_cluster(name='my-cluster')
print(f"Status: {cluster['cluster']['status']}")
print(f"Endpoint: {cluster['cluster']['endpoint']}")
print(f"Version: {cluster['cluster']['version']}")
# List clusters
clusters = eks.list_clusters()
for cluster_name in clusters['clusters']:
print(cluster_name)
# Check cluster status
waiter = eks.get_waiter('cluster_active')
waiter.wait(name='my-cluster')Authentication Token Generation
import base64
from botocore.signers import RequestSigner
def get_eks_token(cluster_name: str, region_name: str = 'us-east-1') -> str:
"""Generate EKS authentication token (k8s-aws-v1.*)"""
session = boto3.Session(region_name=region_name)
client = session.client('sts')
service_id = client.meta.service_model.service_id
signer = RequestSigner(
service_id,
region_name,
'sts',
'v4',
session.get_credentials(),
session.events
)
params = {
'method': 'GET',
'url': f'https://sts.{region_name}.amazonaws.com/?Action=GetCallerIdentity&Version=2011-06-15',
'body': {},
'headers': {
'x-k8s-aws-id': cluster_name
},
'context': {}
}
signed_url = signer.generate_presigned_url(
params,
region_name=region_name,
expires_in=60,
operation_name=''
)
token = 'k8s-aws-v1.' + base64.urlsafe_b64encode(
signed_url.encode('utf-8')
).decode('utf-8').rstrip('=')
return token
# Usage with Kubernetes client
from kubernetes import client as k8s_client
token = get_eks_token('my-cluster', 'us-west-2')
configuration = k8s_client.Configuration()
configuration.host = cluster['cluster']['endpoint']
configuration.api_key = {"authorization": f"Bearer {token}"}
configuration.ssl_ca_cert = '/tmp/ca.crt' # Cluster CA certificateKubeconfig Generation
import yaml
from pathlib import Path
def generate_kubeconfig(cluster_name: str,
region_name: str,
output_path: str = '~/.kube/config') -> dict:
"""Generate kubeconfig for EKS cluster"""
eks = get_eks_client(region_name)
cluster_info = eks.describe_cluster(name=cluster_name)['cluster']
kubeconfig = {
'apiVersion': 'v1',
'kind': 'Config',
'clusters': [{
'cluster': {
'certificate-authority-data': cluster_info['certificateAuthority']['data'],
'server': cluster_info['endpoint']
},
'name': cluster_info['arn']
}],
'contexts': [{
'context': {
'cluster': cluster_info['arn'],
'user': cluster_info['arn']
},
'name': cluster_info['arn']
}],
'current-context': cluster_info['arn'],
'users': [{
'name': cluster_info['arn'],
'user': {
'exec': {
'apiVersion': 'client.authentication.k8s.io/v1beta1',
'command': 'aws',
'args': [
'eks',
'get-token',
'--cluster-name',
cluster_name,
'--region',
region_name
],
'env': None,
'interactiveMode': 'IfAvailable',
'provideClusterInfo': False
}
}
}]
}
# Write to file
output = Path(output_path).expanduser()
output.parent.mkdir(parents=True, exist_ok=True)
with output.open('w') as f:
yaml.dump(kubeconfig, f, default_flow_style=False)
return kubeconfigNode Group Management
# List node groups
nodegroups = eks.list_nodegroups(clusterName='my-cluster')
for ng in nodegroups['nodegroups']:
print(ng)
# Describe node group
ng_info = eks.describe_nodegroup(
clusterName='my-cluster',
nodegroupName='my-nodegroup'
)
print(f"Status: {ng_info['nodegroup']['status']}")
print(f"Capacity: {ng_info['nodegroup']['scalingConfig']}")
# Update node group scaling
eks.update_nodegroup_config(
clusterName='my-cluster',
nodegroupName='my-nodegroup',
scalingConfig={
'minSize': 2,
'maxSize': 10,
'desiredSize': 4
}
)Fargate Profiles
# List Fargate profiles
profiles = eks.list_fargate_profiles(clusterName='my-cluster')
# Describe Fargate profile
profile_info = eks.describe_fargate_profile(
clusterName='my-cluster',
fargateProfileName='my-fargate-profile'
)
print(f"Status: {profile_info['fargateProfile']['status']}")
print(f"Selectors: {profile_info['fargateProfile']['selectors']}")Common Patterns
Error Handling
from botocore.exceptions import ClientError, BotoCoreError
try:
cluster = eks.describe_cluster(name='my-cluster')
except eks.exceptions.ResourceNotFoundException:
print("Cluster not found")
except ClientError as e:
error_code = e.response['Error']['Code']
if error_code == 'AccessDeniedException':
print("Insufficient permissions")
else:
print(f"AWS Error: {error_code}")
except BotoCoreError as e:
print(f"Connection error: {e}")Async Operations with Waiters
# Wait for cluster to be active
waiter = eks.get_waiter('cluster_active')
waiter.wait(
name='my-cluster',
WaiterConfig={
'Delay': 30, # Poll every 30 seconds
'MaxAttempts': 40 # Max 20 minutes
}
)
# Wait for cluster deletion
waiter = eks.get_waiter('cluster_deleted')
waiter.wait(name='my-cluster')
# Wait for nodegroup active
waiter = eks.get_waiter('nodegroup_active')
waiter.wait(
clusterName='my-cluster',
nodegroupName='my-nodegroup'
)IRSA (IAM Roles for Service Accounts)
# Get OIDC provider for cluster
cluster = eks.describe_cluster(name='my-cluster')['cluster']
oidc_issuer = cluster['identity']['oidc']['issuer']
print(f"OIDC Issuer: {oidc_issuer}")
# OIDC issuer URL (without https://)
oidc_provider = oidc_issuer.replace('https://', '')
# Use with IAM to create trust relationship
# (See references/auth-tokens.md for complete IRSA setup)Progressive Disclosure
Quick Start (This File)
- Client initialization
- Essential cluster operations
- Token generation for K8s client
- Kubeconfig generation
- Basic node group operations
Detailed References
- Cluster Operations: Complete cluster lifecycle management, version updates, configuration changes, and advanced waiter patterns
- Authentication & Tokens: Token generation, refresh patterns, cross-account access, IRSA setup, and Kubernetes client integration
- Node Groups & Fargate: Managed node groups, Fargate profiles, add-ons, scaling operations, and update workflows
When to Use This Skill
Use this skill when:
- Managing EKS clusters programmatically
- Generating authentication tokens for Kubernetes Python client
- Creating or updating kubeconfig files
- Automating node group scaling
- Setting up Fargate profiles
- Implementing IRSA for pod-level permissions
- Cross-account cluster access
- Integrating EKS with Python applications
Dependencies
pip install boto3 botocore kubernetes pyyamlRelated Skills
- anthropic-expert: Claude API patterns for agent-based EKS management
- claude-cost-optimization: Cost tracking for EKS automation workflows
- railway-deployment: Container deployment patterns
Best Practices
- Credentials: Use IAM roles or profiles, never hardcode credentials
- Token Refresh: EKS tokens expire in 15 minutes, implement refresh logic
- Error Handling: Always handle ResourceNotFoundException and throttling
- Waiters: Use built-in waiters for async operations instead of polling
- Region Awareness: Always specify region explicitly
- IRSA: Use IRSA for pod-level permissions instead of node IAM roles
- Pagination: Use paginators for list operations in large environments
- Type Hints: Include type hints for better IDE support and validation