README
¶
kubectl-aks-cert-expiration
A kubectl krew plugin that checks the expiration of Kubernetes API server TLS certificates for AKS clusters across all subscriptions in an Azure account.
Prerequisites
- Go 1.16 or higher
- An Azure account with appropriate permissions to list subscriptions and AKS clusters
- kubectl and krew installed
Installation
Using Krew
- Clone the repository:
git clone https://github.com/marcocristofolini/kubectl-aks-cert-expiration.git
- Install the plugin using Krew:
kubectl krew install --manifest=./kubectl-aks-cert-expiration/plugin.yaml
Manual Installation
- Clone the repository:
git clone https://github.com/marcocristofolini/kubectl-aks-cert-expiration.git
- Change to the project directory and build the plugin:
cd kubectl-aks-cert-expiration
go build -o kubectl-aks_cert_expiration main.go
- Add the compiled binary to your
PATH:
export PATH=$PATH:/path/to/your/kubectl-aks-cert-expiration
Usage
To use the plugin, set the following environment variables with your Azure account's credentials:
AZURE_CLIENT_ID: Your Azure Client IDAZURE_CLIENT_SECRET: Your Azure Client SecretAZURE_TENANT_ID: Your Azure Tenant ID
Run the plugin:
kubectl aks-cert-expiration --client-id=<your-client-id> --client-secret=<your-client-secret> --tenant-id=<your-tenant-id>
The plugin will authenticate with Azure, iterate through each subscription, and check the certificate expiration for all AKS clusters by connecting to the Kubernetes API server directly and inspecting the TLS certificate.
Contributing
If you'd like to contribute to the project, please submit a pull request or open an issue on the GitHub repository .
License
MIT License
Documentation
¶
There is no documentation for this package.
Source Files
Click to show internal directories.
Click to hide internal directories.