aws ec2 create-key-pair --region --key-name
cluster.yaml file

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name:
  region:
iam:
  withOIDC: true
nodeGroups:
  - name: mng-m5large
    instanceType: m5.large
    desiredCapacity: 2
    volumeSize: 100
    iam:
      attachPolicyARNs:
        - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
        - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
        - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
        - arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy # CWAgent
        - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore # SSM
        - arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess # xray
        - arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess # xray
        - arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess # s3
        - arn:aws:iam::aws:policy/AmazonPrometheusFullAccess
    ssh:
      allow: true
      publicKeyName:
cloudWatch:
  clusterLogging:
    enableTypes: [ "*" ]
You can customize the vpc section to use an existing VPC.

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name:
  region:
iam:
  withOIDC: true
vpc:
  subnets:
    public:
      us-west-2a: { id: }
      us-west-2b: { id: }
      us-west-2c: { id: }
nodeGroups:
  - name: mng-m5large
    instanceType: m5.large
    desiredCapacity: 2
    volumeSize: 100
    iam:
      attachPolicyARNs:
        - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
        - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
        - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
        - arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy
        - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
        - arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess
        - arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess
        - arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
        - arn:aws:iam::aws:policy/AmazonPrometheusFullAccess
    ssh:
      allow: true # will use ~/.ssh/id_rsa.pub as the default ssh key
      publicKeyName:
cloudWatch:
  clusterLogging:
    enableTypes: [ "*" ]

eksctl create cluster -f cluster.yaml
To create a cluster with Fargate nodes, or to find other ways to customize your cluster, see Getting started with Amazon EKS – eksctl for more details.
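
The policies in the config above are attached to the node instance role, so any pod that can reach the instance metadata service on those nodes can use them. As an added example (not part of the original page), this variant keeps only the baseline policies on the nodes and moves the rest to IAM roles for service accounts, which `withOIDC: true` makes possible. The `<...>` placeholders, the service account names and namespaces, and the choice of AmazonPrometheusRemoteWriteAccess over the full-access policy are assumptions.

```yaml
# Added example: least-privilege variant of the page's cluster.yaml.
# Values in <...> and all service account names/namespaces are assumptions.
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: <cluster-name>
  region: <region>
iam:
  withOIDC: true                  # OIDC provider is required for service account roles
  serviceAccounts:
    - metadata:
        name: telemetry-collector # hypothetical: the pod that ships metrics and traces
        namespace: observability  # hypothetical namespace
      attachPolicyARNs:
        - arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy
        - arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess
        # assumes the collector only remote-writes to the Prometheus workspace
        - arn:aws:iam::aws:policy/AmazonPrometheusRemoteWriteAccess
    - metadata:
        name: s3-reader           # hypothetical: the one workload that reads S3
        namespace: default
      attachPolicyARNs:
        # still account-wide read; a bucket-scoped customer policy is tighter
        - arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
nodeGroups:
  - name: mng-m5large
    instanceType: m5.large
    desiredCapacity: 2
    volumeSize: 100
    disableIMDSv1: true           # require IMDSv2 session tokens
    disablePodIMDS: true          # block IMDS for pods not on the host network
    iam:
      attachPolicyARNs:           # baseline node permissions only
        - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
        - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
        - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
        - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore # shell via SSM
    ssh:
      allow: false                # no SSH key on the nodes; use Session Manager
cloudWatch:
  clusterLogging:
    enableTypes: [ "*" ]          # unchanged: keep all control plane log types
```

With `disablePodIMDS: true`, pods that are not on the host network can no longer fall back to the node role, so every workload that calls AWS APIs needs its own `serviceAccounts` entry.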