How to Deploy and Manage Kubernetes on AWS using Kops with IAM Roles
Kubernetes (K8s) is the leading container orchestration platform, and Kops (Kubernetes Operations) is the best tool to set up production-grade clusters on AWS.
In this guide, we will deploy Kubernetes on AWS using Kops with IAM Role authentication instead of static IAM users. We'll also cover the cleanup process to remove the cluster when needed.
Prerequisites
1. AWS Account
Ensure you have an AWS account with administrative permissions.
2. Register a Domain Name
Kops requires a fully qualified domain name (FQDN) to manage your Kubernetes cluster.
Recommended: Use AWS Route 53 to manage your domain.
Or, use an external registrar and configure Route 53 manually.
Example domain: techfusion.life (Kops will manage subdomains like api.techfusion.life).
3. Create an S3 Bucket for Kops State Store
Kops needs an S3 bucket to store cluster configurations.
```bash
aws s3api create-bucket --bucket techfusion.life --region us-east-1
aws s3api put-bucket-versioning --bucket techfusion.life --versioning-configuration Status=Enabled
```
4. Configure Route 53 for DNS
Open AWS Console → Navigate to Route 53.
Click Hosted Zones → Create a new Hosted Zone for techfusion.life.
If using an external domain, update its NS (Name Server) Records with values from Route 53.
Setting Up IAM Role for Kops
1. Create an IAM Role
Open AWS IAM Console → Click Roles → Create Role.
Choose AWS Service → Select EC2 → Click Next.
Attach the following policies:
```text
AmazonEC2FullAccess
AmazonRoute53FullAccess
AmazonS3FullAccess
IAMFullAccess
AmazonVPCFullAccess
AmazonSQSFullAccess
AmazonEventBridgeFullAccess
```
Click Next, name the role Kops-Role, and create it.
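Kops does need IAM write access while it builds the cluster (it creates the node roles and instance profiles), but every process on the EC2 host that carries Kops-Role gets the same access, so that host should be treated as a privileged admin box. The script below is an added example (not from the original post or from kops) that parses what `aws iam list-attached-role-policies --role-name Kops-Role` prints and grades each attached managed policy; the embedded JSON is a constructed sample mirroring the policy list above.

```python
"""Audit the managed policies attached to an EC2 instance role.

Added example (not from the original post): reads the JSON printed by
`aws iam list-attached-role-policies --role-name Kops-Role` and flags
policies that are broader than an instance role should carry.
"""
import json
import subprocess

# Policies that let whoever controls the instance create principals or
# credentials: on an instance role they turn local access into account-wide access.
PRIVILEGE_ESCALATION = {"IAMFullAccess", "AdministratorAccess"}

# Constructed sample: what the CLI returns for the role built in this post.
SAMPLE_LIST_OUTPUT = json.dumps({
    "AttachedPolicies": [
        {"PolicyName": n, "PolicyArn": f"arn:aws:iam::aws:policy/{n}"}
        for n in [
            "AmazonEC2FullAccess", "AmazonRoute53FullAccess",
            "AmazonS3FullAccess", "IAMFullAccess", "AmazonVPCFullAccess",
            "AmazonSQSFullAccess", "AmazonEventBridgeFullAccess",
        ]
    ]
})


def audit_attached_policies(list_output: str) -> dict:
    """Classify each attached managed policy by risk.

    Returns {"escalation": [...], "full_access": [...], "scoped": [...]}.
    """
    findings = {"escalation": [], "full_access": [], "scoped": []}
    for policy in json.loads(list_output)["AttachedPolicies"]:
        name = policy["PolicyName"]
        if name in PRIVILEGE_ESCALATION:
            findings["escalation"].append(name)
        elif name.endswith("FullAccess"):
            findings["full_access"].append(name)
        else:
            findings["scoped"].append(name)
    return findings


def audit_role(role_name: str) -> dict:
    """Live variant: shells out to the AWS CLI (needs working credentials)."""
    out = subprocess.run(
        ["aws", "iam", "list-attached-role-policies",
         "--role-name", role_name, "--output", "json"],
        check=True, capture_output=True, text=True,
    ).stdout
    return audit_attached_policies(out)


def report(findings: dict) -> str:
    """Human-readable summary, highest risk first."""
    lines = []
    for name in findings["escalation"]:
        lines.append(f"HIGH   {name}: grants IAM write; any process on the "
                     "instance can create users, keys or new roles")
    for name in findings["full_access"]:
        lines.append(f"MEDIUM {name}: service-wide write access; scope it to "
                     "the cluster's resources once the cluster is running")
    for name in findings["scoped"]:
        lines.append(f"OK     {name}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(audit_attached_policies(SAMPLE_LIST_OUTPUT)))
```

Run `audit_role("Kops-Role")` on the bastion once the role is attached; the grading is deliberately coarse, so treat MEDIUM findings as a reminder to narrow the policies after the cluster exists rather than as a verdict.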
2. Attach IAM Role to EC2 Instance
Go to AWS EC2 Console → Select your EC2 instance.
Click Actions → Security → Modify IAM Role.
Select Kops-Role and update it.
3. Verify IAM Role Permissions
On the EC2 instance, run:
```bash
curl http://169.254.169.254/latest/meta-data/iam/security-credentials/
aws sts get-caller-identity
aws s3 ls
```
If all three commands return output, the IAM role is attached correctly.
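The curl above talks to the metadata service as IMDSv1, which answers any plain GET from the host. The check below is an added example (not from the original post) that does the same verification over IMDSv2, fetching a session token first, and then reports on the credential lease without echoing the secret; `summarise_credentials` takes the current time as a parameter so it can be exercised on the constructed sample document at the bottom.

```python
"""Verify the instance role over IMDSv2 and summarise the credential lease.

Added example (not from the original post). The post's curl uses IMDSv1;
this version first obtains a session token, which is the only path that
still works once the instance is set to HttpTokens=required.
"""
import json
import urllib.request
from datetime import datetime, timezone

IMDS = "http://169.254.169.254"
CRED_PATH = "/latest/meta-data/iam/security-credentials/"


def imds_token(ttl_seconds: int = 300) -> str:
    """PUT /latest/api/token: the session token IMDSv2 requires on every GET."""
    req = urllib.request.Request(
        IMDS + "/latest/api/token", method="PUT",
        headers={"X-aws-ec2-metadata-token-ttl-seconds": str(ttl_seconds)})
    with urllib.request.urlopen(req, timeout=2.0) as resp:
        return resp.read().decode()


def imds_get(path: str, token: str) -> str:
    """GET a metadata path, presenting the session token."""
    req = urllib.request.Request(
        IMDS + path, headers={"X-aws-ec2-metadata-token": token})
    with urllib.request.urlopen(req, timeout=2.0) as resp:
        return resp.read().decode()


def _utc(ts: str) -> datetime:
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def summarise_credentials(body: str, now_iso: str) -> dict:
    """Report on a security-credentials document without echoing the secret.

    `body` is the JSON IMDS returns for one role; `now_iso` is injected so the
    check is deterministic (the live path passes the current UTC time).
    """
    doc = json.loads(body)
    remaining = int((_utc(doc["Expiration"]) - _utc(now_iso)).total_seconds())
    return {
        "ok": doc.get("Code") == "Success" and remaining > 0,
        "access_key_id": doc["AccessKeyId"],  # the key ID is not secret; never print the rest
        "seconds_remaining": remaining,
    }


def check_role() -> dict:
    """Live path: only meaningful on an EC2 instance with a role attached."""
    token = imds_token()
    role = imds_get(CRED_PATH, token).strip()
    if not role:
        raise RuntimeError("no IAM role attached to this instance")
    now_iso = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    summary = summarise_credentials(imds_get(CRED_PATH + role, token), now_iso)
    summary["role"] = role
    return summary


# Constructed sample of the document IMDS returns (every value is fake).
SAMPLE_CREDS = json.dumps({
    "Code": "Success",
    "LastUpdated": "2024-01-01T00:00:00Z",
    "Type": "AWS-HMAC",
    "AccessKeyId": "ASIAEXAMPLEKEYID0000",
    "SecretAccessKey": "fake-secret-access-key",
    "Token": "fake-session-token",
    "Expiration": "2024-01-01T06:00:00Z",
})

if __name__ == "__main__":
    print(summarise_credentials(SAMPLE_CREDS, "2024-01-01T00:30:00Z"))
```

Once this passes, the instance can be switched to token-only metadata with `aws ec2 modify-instance-metadata-options --instance-id <INSTANCE_ID> --http-tokens required` (instance ID is a placeholder); with that set, the IMDSv1 curl in the post stops working while `check_role()` and the AWS CLI continue to, which is the point: a request-forgery bug in anything hosted on the box can no longer read the role credentials with a single GET.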
Creating a Kubernetes Cluster Using Kops
1. Install Required Tools
```bash
sudo yum update -y   # Amazon Linux
sudo apt update -y   # Ubuntu/Debian

# Install tools
sudo yum install -y jq net-tools unzip tree   # Amazon Linux
sudo apt install -y jq net-tools unzip tree   # Ubuntu/Debian
```
2. Install AWS CLI, Kops, and Kubectl
```bash
# AWS CLI
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
aws --version

# Kops
curl -LO https://github.com/kubernetes/kops/releases/latest/download/kops-linux-amd64
chmod +x kops-linux-amd64
sudo mv kops-linux-amd64 /usr/local/bin/kops
kops version

# Kubectl
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
sudo mv kubectl /usr/local/bin/kubectl
kubectl version --client
```
3. Generate SSH Keys for Cluster Access
```bash
ssh-keygen -t rsa -b 4096 -C "kops-cluster" -f ~/.ssh/id_rsa
```
4. Set Environment Variables
```bash
export KOPS_CLUSTER_NAME=techfusion.life
export KOPS_STATE_STORE=s3://techfusion.life
```
To persist them:
```bash
echo 'export KOPS_CLUSTER_NAME=techfusion.life' >> ~/.bashrc
echo 'export KOPS_STATE_STORE=s3://techfusion.life' >> ~/.bashrc
source ~/.bashrc
```
5. Create the Kubernetes Cluster
```bash
# --yes applies the change immediately; omit it to preview the plan first,
# then run `kops update cluster --yes` to apply it.
kops create cluster --name=techfusion.life \
  --state=s3://techfusion.life \
  --zones=us-east-1a,us-east-1b \
  --node-count=2 \
  --control-plane-count=1 \
  --node-size=t3.medium \
  --control-plane-size=t3.medium \
  --control-plane-zones=us-east-1a \
  --control-plane-volume-size=20 \
  --node-volume-size=10 \
  --ssh-public-key="$HOME/.ssh/id_rsa.pub" \
  --dns-zone=techfusion.life \
  --networking=calico \
  --yes
```
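The flag list above is easy to get subtly wrong (a control-plane zone outside `--zones`, an even control-plane count that loses etcd quorum on a single failure, a private key passed where the public half is expected). As an added example, not part of the original post or of kops, the script below assembles the same invocation from a spec and refuses those combinations before anything is created; `POST_SPEC` is the post's own parameters restated as a dictionary.

```python
"""Assemble and sanity-check the `kops create cluster` invocation.

Added example, not part of the original post or of kops itself. Builds the
flags the post uses from a small spec and rejects combinations that kops
may accept but that leave the cluster fragile.
"""
import os
import shlex

# The post's cluster, as a spec dictionary (constructed from the flags above).
POST_SPEC = {
    "name": "techfusion.life",
    "state": "s3://techfusion.life",
    "zones": ["us-east-1a", "us-east-1b"],
    "node_count": 2,
    "control_plane_count": 1,
    "node_size": "t3.medium",
    "control_plane_size": "t3.medium",
    "control_plane_zones": ["us-east-1a"],
    "control_plane_volume_size": 20,
    "node_volume_size": 10,
    "ssh_public_key": "~/.ssh/id_rsa.pub",
    "dns_zone": "techfusion.life",
    "networking": "calico",
}


def validate_spec(spec: dict) -> list:
    """Return a list of problems; an empty list means the spec is consistent."""
    problems = []
    if "." not in spec["name"]:
        problems.append("name must be a DNS name kops can publish records under")
    regions = {z[:-1] for z in spec["zones"]}
    if len(regions) != 1:
        problems.append(f"zones span several regions: {sorted(regions)}")
    if not set(spec["control_plane_zones"]) <= set(spec["zones"]):
        problems.append("control_plane_zones must be a subset of zones")
    if spec["control_plane_count"] % 2 == 0:
        problems.append("control_plane_count must be odd so etcd keeps quorum")
    if spec["node_count"] < 1:
        problems.append("node_count must be at least 1")
    if not spec["ssh_public_key"].endswith(".pub"):
        problems.append("ssh_public_key must be the public half of the key pair")
    return problems


def build_kops_args(spec: dict, apply: bool = False) -> list:
    """Turn the spec into argv; apply=False omits --yes so kops only previews."""
    problems = validate_spec(spec)
    if problems:
        raise ValueError("; ".join(problems))
    args = [
        "kops", "create", "cluster",
        f"--name={spec['name']}",
        f"--state={spec['state']}",
        f"--zones={','.join(spec['zones'])}",
        f"--node-count={spec['node_count']}",
        f"--control-plane-count={spec['control_plane_count']}",
        f"--node-size={spec['node_size']}",
        f"--control-plane-size={spec['control_plane_size']}",
        f"--control-plane-zones={','.join(spec['control_plane_zones'])}",
        f"--control-plane-volume-size={spec['control_plane_volume_size']}",
        f"--node-volume-size={spec['node_volume_size']}",
        # expand ~ here rather than relying on the shell, which does not
        # expand it after --flag= in POSIX mode
        f"--ssh-public-key={os.path.expanduser(spec['ssh_public_key'])}",
        f"--dns-zone={spec['dns_zone']}",
        f"--networking={spec['networking']}",
    ]
    if apply:
        args.append("--yes")
    return args


if __name__ == "__main__":
    print(shlex.join(build_kops_args(POST_SPEC)))
```

Pipe the printed line into a shell to preview, and pass `apply=True` only once the preview looks right; the validation rules are deliberately few, and adding your own (allowed instance families, a minimum volume size) is the intended way to use it.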
6. Validate the Cluster
```bash
kops validate cluster --state=s3://techfusion.life
kubectl get nodes
```
Deleting the Kubernetes Cluster
1. Delete the Cluster
```bash
kops delete cluster --name=$KOPS_CLUSTER_NAME --state=$KOPS_STATE_STORE --yes
```
2. Verify Deletion
```bash
kops get cluster --state=$KOPS_STATE_STORE
kubectl get nodes
```
3. Clean Up Resources
```bash
# Delete S3 bucket. The bucket is versioned and --force removes only current
# objects, so delete the remaining object versions first or the removal
# fails with BucketNotEmpty.
aws s3 rb s3://techfusion.life --force

# Delete Route 53 hosted zone (replace the placeholder with your zone ID).
# The zone must contain only its SOA and apex NS records at this point.
aws route53 delete-hosted-zone --id <HOSTED_ZONE_ID>

# Delete IAM role. Detach its managed policies and remove it from its
# instance profile first, otherwise delete-role fails with DeleteConflict.
aws iam delete-role --role-name Kops-Role

# Delete VPC. kops delete cluster removes the VPC it created itself; use this
# only for a VPC left behind (replace the placeholder with its ID).
aws ec2 delete-vpc --vpc-id <VPC_ID>
```
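Run in the order shown, the IAM and Route 53 deletions fail: AWS refuses `delete-role` while managed policies are attached or the role still sits in an instance profile, and refuses `delete-hosted-zone` while any record other than the apex SOA and NS remains. The script below is an added example (not from the original post) that derives the teardown sequence from the role's attached policies and the zone's record sets and returns it as a dry-run plan before anything is executed; the record sets, policy ARNs and zone ID are constructed placeholders, and the role and zone names are the post's.

```python
"""Order the manual teardown so each AWS call can actually succeed.

Added example, not from the original post. kops delete cluster removes what
kops created; what remains is what this post created by hand (bucket, hosted
zone, Kops-Role and its auto-created instance profile).
"""
import json
import shlex
import subprocess


def plan_role_teardown(role_name: str, policy_arns: list, instance_profiles: list) -> list:
    """argv lists in the order IAM requires: detach, leave profiles, delete."""
    cmds = [["aws", "iam", "detach-role-policy", "--role-name", role_name,
             "--policy-arn", arn] for arn in policy_arns]
    for profile in instance_profiles:
        cmds.append(["aws", "iam", "remove-role-from-instance-profile",
                     "--instance-profile-name", profile, "--role-name", role_name])
        cmds.append(["aws", "iam", "delete-instance-profile",
                     "--instance-profile-name", profile])
    cmds.append(["aws", "iam", "delete-role", "--role-name", role_name])
    return cmds


def zone_delete_batch(zone_name: str, record_sets: list) -> dict:
    """Change batch deleting every record set except the apex SOA and NS,
    which Route 53 owns and removes together with the zone."""
    apex = zone_name.rstrip(".") + "."
    doomed = [r for r in record_sets
              if not (r["Name"] == apex and r["Type"] in ("SOA", "NS"))]
    return {"Changes": [{"Action": "DELETE", "ResourceRecordSet": r} for r in doomed]}


def plan_zone_teardown(zone_id: str, zone_name: str, record_sets: list) -> list:
    """Empty the zone (if needed), then delete it."""
    cmds = []
    batch = zone_delete_batch(zone_name, record_sets)
    if batch["Changes"]:
        cmds.append(["aws", "route53", "change-resource-record-sets",
                     "--hosted-zone-id", zone_id, "--change-batch", json.dumps(batch)])
    cmds.append(["aws", "route53", "delete-hosted-zone", "--id", zone_id])
    return cmds


def run_plan(cmds: list, execute: bool = False) -> list:
    """Dry run by default: returns the commands as shell lines. With
    execute=True each command runs in order and the first failure stops the run."""
    rendered = [shlex.join(c) for c in cmds]
    if execute:
        for c in cmds:
            subprocess.run(c, check=True)
    return rendered


# Constructed samples: placeholder identifiers, not real ones.
SAMPLE_RECORD_SETS = [
    {"Name": "techfusion.life.", "Type": "SOA", "TTL": 900,
     "ResourceRecords": [{"Value": "ns-1.example. hostmaster.example. 1 7200 900 1209600 86400"}]},
    {"Name": "techfusion.life.", "Type": "NS", "TTL": 172800,
     "ResourceRecords": [{"Value": "ns-1.example."}]},
    {"Name": "api.techfusion.life.", "Type": "A", "TTL": 60,
     "ResourceRecords": [{"Value": "198.51.100.10"}]},
]
SAMPLE_POLICY_ARNS = [
    "arn:aws:iam::aws:policy/AmazonS3FullAccess",
    "arn:aws:iam::aws:policy/IAMFullAccess",
]

if __name__ == "__main__":
    plan = (plan_role_teardown("Kops-Role", SAMPLE_POLICY_ARNS, ["Kops-Role"])
            + plan_zone_teardown("ZPLACEHOLDER123", "techfusion.life", SAMPLE_RECORD_SETS))
    print("\n".join(run_plan(plan)))
```

Feed real inputs from `aws iam list-attached-role-policies`, `aws iam list-instance-profiles-for-role` and `aws route53 list-resource-record-sets`, read the dry-run output, and only then call `run_plan(plan, execute=True)`. If the domain stays registered, keep the hosted zone: the registrar's NS records would otherwise point at a zone that no longer exists.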
Conclusion
You have successfully deployed and deleted a Kubernetes cluster using Kops with IAM Role authentication on AWS! 🚀🎉
This method ensures a secure, scalable, and automated Kubernetes setup without relying on static IAM credentials.
💬 Have questions or improvements? Drop a comment below! 🚀