Used to connect to a Kubernetes cluster using vanilla kubeconfig parameters.

Property Description
Resource Type k8s-cluster
Account Type None



Name Type Description
cluster_data object Contains the properties from the cluster object clusters: section of the kubeconfig
load_balancer string The IP address or hostname that ingress should be configured for in the cluster.


Name Type Description
credentials object Contains the properties from the user object within the users: section of the kubeconfig


The structure of the kubeconfig file is not well documented. In most systems it can be found in ~/kube/config. It is a YAML file.

At its top level, there are 4 properties:

Property Type Description
apiVersion string Always v1
clusters array An array of cluster objects. Each object has a name and cluster property containing the configuration.
contexts array Links a cluster to a user by names. Each object has its own name and context property that contains the mapping.
users array Defines the credentials for a user. Each object has its own name and user property that contains the credentials.

The Driver requires the contents of a cluster object in the clusters array and a user object within the users array.

For example, for this basic kubeconfig:

apiVersion: v1
- cluster:
    certificate-authority-data: "LS0tlkjdfl...sadfLS0K"
  name: my-cluster
- context:
    cluster: my-cluster
    user: my-user
  name: my-context
- name: my-user
    client-certificate-data: "LS0t4edkjl...dsLS0tCg=="
    client-key-data: "LS0tLS1CRU...gS0VZLS0tLS0K"
    token: 75e2...2s84

The cluster_data property would be:

  "certificate-authority-data": "LS0tlkjdfl...sadfLS0K",
  "server": ""

The credentials would be:

  "client-certificate-data": "LS0t4edkjl...dsLS0tCg==",
  "client-key-data": "LS0tLS1CRU...gS0VZLS0tLS0K",
  "token": "75e2...2s84"

(JSON is used because the Humanitec API requires JSON)


This Driver requires the contexts of one cluster and one user property. You can identify which cluster and user object you need by inspecting the contexts. This command will return the context object for the given context name:

# Command 1
# Output is the cluster and user name in the kubeconfig
yq e '.contexts[] | select(.name == "my-context") | .context' ~/.kube/config

The required cluster_data and credentials values can then be fetched with these commands:

# Command 2
# Fetch cluster_data.
# Output is the cluster data in JSON format.
yq e -o json '.clusters[] | select(.name == "my-cluster") | .cluster' ~/.kube/config

# Command 3
# Fetch credentials.
# Output is the user credentials in JSON format.
yq e -o json '.users[] | select(.name == "my-user") | .user' ~/.kube/config

The output of these two commands can then be combined into the payload to configure the Driver:

curl${HUMANITEC_ORG}/resources/defs \
  -X POST \
  -H "Authorization: Bearer ${HUMANITEC_TOKEN}" \
  -H "Content-Type: application/json" \
  --data-binary '
  "id": "my-cluster",
  "name": "My Cluster",
  "type": "k8s-cluster",
  "criteria": [
      "env_type": "development"
  "driver_type": "humanitec/k8s-cluster",
  "driver_inputs": {
    "values": {
      "cluster_data": <...json output of Command 2...>,
      "loadbalancer": <...IP address of hostname for ingress...>
    "secrets": {
      "credentials": <..json output of Command 3...>