The product described by this documentation, Anthos Clusters on AWS (previous generation), is now in maintenance mode. All new installs must use the current generation product, Anthos clusters on AWS.

Connecting to your cluster with kubectl

Before you begin

Before you start using GKE on AWS, make sure you have performed the following tasks:

Complete the Prerequisites.

Install a management service.
Create a user cluster.

The bastion host

To connect to your GKE on AWS resources, perform the following steps. Select if you have an existing AWS VPC (or direct connection to your VPC) or created a dedicated VPC when creating your management service.

Existing VPC

If you have a direct or VPN connection to an existing VPC, omit the line env HTTP_PROXY=http://localhost:8118 from commands in this topic.

Dedicated VPC

When you create a management service in a dedicated VPC, GKE on AWS includes a bastion host in a public subnet.

To connect to your management service, perform the following steps:

Change to the directory with your GKE on AWS configuration. You created this directory when Installing the management service.
```
cd anthos-aws
```
To open the tunnel, run the bastion-tunnel.sh script. The tunnel forwards to localhost:8118.

To open a tunnel to the bastion host, run the following command:
```
./bastion-tunnel.sh -N
```
Messages from the SSH tunnel appear in this window. When you are ready to close the connection, stop the process by using Control+C or closing the window.
Open a new terminal and change into your anthos-aws directory.
```
cd anthos-aws
```
Check that you're able to connect to the cluster with kubectl.
```
env HTTPS_PROXY=http://localhost:8118 \
kubectl cluster-info
```
The output includes the URL for the management service API server.

The commands in the following sections assume you are using this bastion host. If you are not using the bastion host, remove the lines containing HTTP_PROXY.

Connecting to your management service with kubectl

To connect to your management service with the kubectl tool, perform the following steps:

From your anthos-aws directory, use anthos-gke to switch context to your management service.

cd anthos-aws
anthos-gke aws management get-credentials

Note: anthos-gke uses the credentials you specified when you ran aws configure.

Connecting to your user clusters with kubectl

To connect to your user clusters with the kubectl tool, perform the following steps:

From your anthos-aws directory, use anthos-gke to switch context to your user cluster.

cd anthos-aws
env HTTPS_PROXY=http://localhost:8118 \
  anthos-gke aws clusters get-credentials CLUSTER_NAME

Replace CLUSTER_NAME with your user cluster name.