Skip to main content

Import Clusters via Token

The Import via Token feature allows you to bring your existing Kubernetes clusters under management quickly—without requiring full cloud account integration. This enables you to monitor and scan clusters hosted on any provider using only a token, endpoint, and certificate.

Import Cluster via Token Screen

Introduction

Importing clusters via token provides a simple, flexible alternative to cloud account integration. This approach is ideal if:

  • You need to manage clusters without granting full cloud access.
  • You want to connect self-hosted or restricted environments.
  • You prefer token-based authentication for security or compliance.

Note: This method offers limited functionality compared to full cloud integration (e.g., no cost analysis).

Key Benefits

Fast Onboarding: Import clusters in minutes using token credentials.
Broad Compatibility: Works with any Kubernetes environment that supports API access via token.
Security Insights: Run security scans and monitor workloads without deeper cloud account integration.
Minimal Permissions Required: No need to share full cloud credentials.

Follow these steps to start importing your cluster:

  1. Go to Clusters

    • From the main navigation menu, click Clusters.

  2. Open the Import Cluster Panel

    • Click the Add Cluster or Import Cluster button.

  3. Select Cloud Provider

    • From the dropdown, choose Import via Token.

Providing Your Cluster Details

Once you’ve selected Import via Token, fill out the required fields:

1️⃣ Cloud Provider

Option:

  • Import via Token (selected from the dropdown)

2️⃣ Token

What it is:
A Kubernetes API authentication token with sufficient permissions to access cluster metadata and workloads.

Where to get it:

  • Click the link Download script for fetching token and endpoint.
  • Run the script in your cluster environment to retrieve the token securely.

3️⃣ Endpoint

What it is:
The Kubernetes API server endpoint URL.

Where to get it:

  • The same script you downloaded provides this value.
  • Alternatively, run kubectl config view or check your cloud provider’s dashboard.

4️⃣ CA Cert

What it is:
The Cluster Certificate Authority (CA) file (.crt) required to validate API server SSL/TLS.

How to upload:

  • Drag and drop your .crt file into the upload area.
  • Or click Browse to select the file manually.

Limited Functionality Post-Import

When you import using token and endpoint, you will be able to:

View Nodes: Monitor node health and configurations.
View Pods: Track pod status and workloads.
Run Security Scan: Evaluate vulnerabilities and compliance using Kubescape.

Limitations:

Cost Analysis Not Available: You cannot see spending, cost breakdowns, or forecasts.
Automation & Scaling: Some automation features tied to cloud APIs may not work.

Running a Security Scan

After import, you can run security scans:

  1. Navigate to Cluster Details.
  2. Click Run Security Scan in the Cluster Actions dropdown.
  3. Review security and compliance results in the dashboard.
Cluster Security Scan Results

Troubleshooting

🔹 Token Expired or Invalid

  • Re-run the fetch script and update the token.
  • Ensure the token has cluster-admin or equivalent permissions.

🔹 Invalid Endpoint

  • Confirm the URL includes https:// and is reachable from the platform.

🔹 Certificate Error

  • Verify that the .crt file matches your cluster’s CA.

Tips for Successful Imports

✔ Use short-lived tokens to reduce security risk.
✔ Keep your CA certificate up to date.
✔ Combine with regular security scans to maintain compliance.
✔ If you need full capabilities (e.g., cost tracking), consider full cloud account integration.

FAQ

Q: Can I import clusters from any provider?
A: Yes—any Kubernetes cluster accessible via API token and endpoint.

Q: How often does the platform sync imported cluster data?
A: Cluster status and workloads are refreshed periodically in near real-time.

Q: Can I convert an imported cluster to a fully integrated cloud account later?
A: Yes—delete the imported cluster and re-import using your cloud account credentials.

Conclusion

Import via Token makes it easy to quickly onboard clusters with minimal credentials. This helps you:

  • Centralize monitoring.
  • Run security scans.
  • Maintain operational visibility without sharing sensitive cloud account details.

If you have questions, please reach out to our support team.