Import Amazon EKS Cluster

Connect an existing Amazon EKS (Elastic Kubernetes Service) cluster to the platform for unified management.

Prerequisites

The cluster's Kubernetes version and settings meet the requirements in Version compatibility for importing standard Kubernetes clusters.
The image registry must support HTTPS and provide a valid TLS certificate issued by a public CA.

Prepare the environment

To comply with AWS EKS security practices, perform the following steps in AWS CloudShell.

Ensure network connectivity to the AWS Management Console.
Search for cloudshell, then open CloudShell.
Verify that the selected region matches your target cluster's region; switch if needed.

After CloudShell is ready, clear the terminal and run:

# List clusters in the current region and verify your permissions
aws eks list-clusters

# <region-code> is the region of the cluster, e.g., us-west-1
# <my-cluster> is the cluster name from the previous output
aws eks update-kubeconfig --region <region-code> --name <my-cluster>

# The kubeconfig file is saved to "${HOME}/.kube/config"
# Save its content to a file, then upload it to the platform for parsing
cat "${HOME}/.kube/config"

The environment is now ready. For subsequent steps such as Get cluster information and Import cluster, run any commands against the target cluster from within CloudShell.

Get cluster information

Get the import token

KubeConfig from public‑cloud clusters cannot be used directly for import.

Refer to How do I get cluster information? to obtain the cluster import token.

Import the cluster

In the left navigation, go to Cluster Management > Clusters.
Click Import Cluster.

Configure the parameters as follows.

Parameter	Description
Image registry	Registry that stores platform component images required by the cluster. - Platform default: the registry configured when the global cluster was deployed. - Private registry: a pre-provisioned registry hosting required images. Provide the private registry address, port, username, and password. - Public registry: a public internet registry. Before use, obtain credentials as described in Update public registry cloud credentials.
Cluster information	Tip: Upload the kubeconfig file and let the platform parse it automatically. Cluster endpoint: the external API server address exposed by the target cluster. CA certificate: the cluster's CA certificate. Authentication: use the token created in the previous step with cluster administrator privileges.

Parameter

Description

Image registry

Registry that stores platform component images required by the cluster. - Platform default: the registry configured when the global cluster was deployed. - Private registry: a pre-provisioned registry hosting required images. Provide the private registry address, port, username, and password. - Public registry: a public internet registry. Before use, obtain credentials as described in Update public registry cloud credentials.

Cluster information

Tip: Upload the kubeconfig file and let the platform parse it automatically. Cluster endpoint: the external API server address exposed by the target cluster. CA certificate: the cluster's CA certificate. Authentication: use the token created in the previous step with cluster administrator privileges.

Click Check connectivity to verify network connectivity and automatically detect the cluster type. The detected type appears as a badge in the top-right of the form.
After the connectivity check passes, click Import, then confirm.

Tips:
- For clusters in the Importing state, click the details icon to view progress in the Execution progress dialog (status.conditions).
- After a successful import, the cluster list shows key information. The cluster status is Normal and cluster operations are available.

Network configuration

Ensure the global cluster and the imported cluster have network connectivity. See Network Configuration for Imported Clusters.

Next steps

Initialize Ingress and storage

If you need Ingress and storage capabilities, see Initialize Ingress for AWS EKS and Initialize storage for AWS EKS.

FAQ

The Add Node button is disabled after import. How can I add nodes?

Adding nodes from the platform UI is not supported. Please add nodes through your cluster provider.

Which certificates are supported by certificate management for imported clusters?

Kubernetes certificates: You can view the API server certificate only. Other Kubernetes certificates are not visible and are not auto-rotated.
Platform component certificates: Visible in the platform and support automatic rotation.

What features are not supported for imported AWS EKS clusters?

Audit data is not available.
ETCD, Scheduler, and Controller Manager metrics are not supported; a subset of API server charts is available.
Certificate details other than the Kubernetes API server certificate are not available.

View full docs as PDF

Import Amazon EKS Cluster

Connect an existing Amazon EKS (Elastic Kubernetes Service) cluster to the platform for unified management.

Prerequisites

The cluster's Kubernetes version and settings meet the requirements in Version compatibility for importing standard Kubernetes clusters.
The image registry must support HTTPS and provide a valid TLS certificate issued by a public CA.

Prepare the environment

To comply with AWS EKS security practices, perform the following steps in AWS CloudShell.

Ensure network connectivity to the AWS Management Console.
Search for cloudshell, then open CloudShell.
Verify that the selected region matches your target cluster's region; switch if needed.

After CloudShell is ready, clear the terminal and run:

# List clusters in the current region and verify your permissions
aws eks list-clusters

# <region-code> is the region of the cluster, e.g., us-west-1
# <my-cluster> is the cluster name from the previous output
aws eks update-kubeconfig --region <region-code> --name <my-cluster>

# The kubeconfig file is saved to "${HOME}/.kube/config"
# Save its content to a file, then upload it to the platform for parsing
cat "${HOME}/.kube/config"

The environment is now ready. For subsequent steps such as Get cluster information and Import cluster, run any commands against the target cluster from within CloudShell.

Get cluster information

Get the import token

KubeConfig from public‑cloud clusters cannot be used directly for import.

Refer to How do I get cluster information? to obtain the cluster import token.

Import the cluster

In the left navigation, go to Cluster Management > Clusters.
Click Import Cluster.

Configure the parameters as follows.

Parameter	Description
Image registry	Registry that stores platform component images required by the cluster. - Platform default: the registry configured when the global cluster was deployed. - Private registry: a pre-provisioned registry hosting required images. Provide the private registry address, port, username, and password. - Public registry: a public internet registry. Before use, obtain credentials as described in Update public registry cloud credentials.
Cluster information	Tip: Upload the kubeconfig file and let the platform parse it automatically. Cluster endpoint: the external API server address exposed by the target cluster. CA certificate: the cluster's CA certificate. Authentication: use the token created in the previous step with cluster administrator privileges.

Parameter

Description

Image registry

Cluster information

Click Check connectivity to verify network connectivity and automatically detect the cluster type. The detected type appears as a badge in the top-right of the form.
After the connectivity check passes, click Import, then confirm.

Tips:
- For clusters in the Importing state, click the details icon to view progress in the Execution progress dialog (status.conditions).
- After a successful import, the cluster list shows key information. The cluster status is Normal and cluster operations are available.

Network configuration

Ensure the global cluster and the imported cluster have network connectivity. See Network Configuration for Imported Clusters.

Next steps

Initialize Ingress and storage

If you need Ingress and storage capabilities, see Initialize Ingress for AWS EKS and Initialize storage for AWS EKS.

FAQ

The Add Node button is disabled after import. How can I add nodes?

Adding nodes from the platform UI is not supported. Please add nodes through your cluster provider.

Which certificates are supported by certificate management for imported clusters?

Kubernetes certificates: You can view the API server certificate only. Other Kubernetes certificates are not visible and are not auto-rotated.
Platform component certificates: Visible in the platform and support automatic rotation.

What features are not supported for imported AWS EKS clusters?

Audit data is not available.
ETCD, Scheduler, and Controller Manager metrics are not supported; a subset of API server charts is available.
Certificate details other than the Kubernetes API server certificate are not available.

Node Management

Managed Clusters

Import Clusters

Public Cloud Cluster Initialization

Network Initialization

Storage Initialization

How to

How to

Backup Management

Recovery Management

Architecture

Concepts

Guides

How To

Trouble Shooting

Concepts

Guides

How To

Troubleshooting

Install

Concepts

Guides

How To

Disaster Recovery

Concepts

Guides

How To

Guides

Compliance

Install

API Refiner

User

Guides

Group

Guides

Role

Guides

IDP

Guides

Troubleshooting

User Policy

Guides

Overview

Images

Guides

How To

Virtual Machine

Guides

How To

Troubleshooting

Network

Guides

How To

Storage

Guides

Backup and Recovery

Guides

Concepts

Concepts

Guides

Namespaces

Pre-Application-Creation Preparation

Creating Applications

Post-Application-Creation Configuration

Operation and Maintenance

Application Observability

Workloads

Pod

Container

How To

Install

How To

Install

Guides

How To

Concepts

Guides

Argo CD Concept

Alauda Container Platform GitOps Concepts

Creating GitOps Application