Obtain Location and Token of a Kubernetes Cluster

This procedure describes how to obtain the information you need about a running Secure Firewall Cloud Native cluster from AWS in order to onboard the cluster (or tenants) to CDO. (Optional) You can use the kubectl command line tool to collect this information.

Before you begin

To onboard to CDO, you need to have administrator access to the Secure Firewall Cloud Native running in AWS. Refer to the "AWS Getting Started section" of The Cisco Secure Firewall Cloud Native Getting Started Guide for information about:

  • AWS Identity and Access Management (IAM)

  • How to configure an AWS terminal session

Procedure

Step 1

Sign in to the AWS Management Console and open the AWS CloudFormation console at https://console.aws.amazon.com/cloudformation.

Step 2

On the CloudFormation > Stacks page of the CloudFormation console, select the stack name.

CloudFormation displays the stack details for the selected stack.

Step 3

Choose the Outputs tab to copy the required information to onboard the Secure Firewall Cloud Native to CDO. We recommend temporarily pasting the copied information into a note until you are ready to use them:

  • ClusterEndpoint ― Copy the cluster endpoint URL, which corresponds to the location in AWS.

    For example: https://6759987E2CE4580D5.sk1.us-east-1.eks.amazonaws.com.

  • CDOToken ― Copy the CDO token required for authenticating the Secure Firewall Cloud Native.

  • Namespace ― Copy the namespace that corresponds to the cluster or tenant. You can find the namespace on the Parameters tab.

    The default namespace for the system is sfcn-system, and this is user-configurable during the stack creation. In a multi-tenant deployment, each tenant also has a user-configurable namespace.

Step 4

(Optional) You can use the kubectl command-line tool to collect this information.