awslabs.eks-mcp-server 0.1.10__py3-none-any.whl → 0.1.13__py3-none-any.whl

awslabs/eks_mcp_server/__init__.py

@@ -14,4 +14,4 @@
 
 """awslabs.eks-mcp-server"""
 
-__version__ = '0.1.10'
+__version__ = '0.1.13'

awslabs/eks_mcp_server/insights_handler.py

@@ -0,0 +1,342 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Insights handler for the EKS MCP Server."""
+
+from awslabs.eks_mcp_server.aws_helper import AwsHelper
+from awslabs.eks_mcp_server.logging_helper import LogLevel, log_with_request_id
+from awslabs.eks_mcp_server.models import (
+    EksInsightItem,
+    EksInsightsResponse,
+    EksInsightStatus,
+)
+from datetime import datetime
+from mcp.server.fastmcp import Context
+from mcp.types import TextContent
+from pydantic import Field
+from typing import Any, Optional
+
+
+class InsightsHandler:
+    """Handler for Amazon EKS Insights.
+
+    This class provides tools for retrieving and analyzing insights about
+    EKS cluster configuration and upgrade readiness.
+    """
+
+    def __init__(
+        self,
+        mcp,
+        allow_sensitive_data_access: bool = False,
+    ):
+        """Initialize the Insights handler.
+
+        Args:
+            mcp: The MCP server instance
+            allow_sensitive_data_access: Whether to allow access to sensitive data (default: False)
+        """
+        self.mcp = mcp
+        self.allow_sensitive_data_access = allow_sensitive_data_access
+
+        # Register tools
+        self.mcp.tool(name='get_eks_insights')(self.get_eks_insights)
+
+        # Initialize AWS clients
+        self.eks_client = AwsHelper.create_boto3_client('eks')
+
+    # EKS Insights tool
+    async def get_eks_insights(
+        self,
+        ctx: Context,
+        cluster_name: str = Field(..., description='Name of the EKS cluster'),
+        insight_id: Optional[str] = Field(
+            None,
+            description='ID of a specific insight to get detailed information for. If provided, returns detailed information about this specific insight.',
+        ),
+        category: Optional[str] = Field(
+            None,
+            description='Filter insights by category (e.g., "MISCONFIGURATION" or "UPGRADE_READINESS")',
+        ),
+        next_token: Optional[str] = Field(
+            None,
+            description='Token for pagination to get the next set of results',
+        ),
+    ) -> EksInsightsResponse:
+        """Get EKS Insights for cluster configuration and upgrade readiness.
+
+        This tool retrieves Amazon EKS Insights that identify potential issues with
+        your EKS cluster. These insights help identify both cluster configuration issues
+        and upgrade readiness concerns that might affect hybrid nodes functionality.
+
+        Amazon EKS provides two types of insights:
+        - MISCONFIGURATION insights: Identify misconfigurations in your EKS cluster setup
+        - UPGRADE_READINESS insights: Identify issues that could prevent successful cluster upgrades
+
+        When used without an insight_id, it returns a list of all insights.
+        When used with an insight_id, it returns detailed information about
+        that specific insight, including recommendations.
+
+        ## Requirements
+        - The server must be run with the `--allow-sensitive-data-access` flag
+
+        ## Response Information
+        The response includes insight details such as status, description, and
+        recommendations for addressing identified issues.
+
+        ## Usage Tips
+        - Review MISCONFIGURATION insights to identify cluster misconfigurations
+        - Check UPGRADE_READINESS insights before upgrading your cluster
+        - Pay special attention to insights with FAILING status
+        - Focus on insights related to node and network configuration for hybrid nodes
+
+        Args:
+            ctx: MCP context
+            cluster_name: Name of the EKS cluster
+            insight_id: Optional ID of a specific insight to get detailed information for
+            category: Optional category to filter insights by (e.g., "MISCONFIGURATION" or "UPGRADE_READINESS")
+            next_token: Optional token for pagination to get the next set of results
+
+        Returns:
+            EksInsightsResponse with insights information
+        """
+        # Extract values from Field objects before passing them to the implementation method
+        cluster_name_value = cluster_name
+        insight_id_value = insight_id
+        category_value = category
+        next_token_value = next_token
+
+        # Delegate to the implementation method with extracted values
+        return await self._get_eks_insights_impl(
+            ctx, cluster_name_value, insight_id_value, category_value, next_token_value
+        )
+
+    async def _get_eks_insights_impl(
+        self,
+        ctx: Context,
+        cluster_name: str,
+        insight_id: Optional[str] = None,
+        category: Optional[str] = None,
+        next_token: Optional[str] = None,
+    ) -> EksInsightsResponse:
+        """Internal implementation of get_eks_insights."""
+        try:
+            # Always use the default EKS client
+            eks_client = self.eks_client
+
+            # Determine operation mode based on whether insight_id is provided
+            detail_mode = insight_id is not None
+
+            if detail_mode:
+                # Get details for a specific insight
+                return await self._get_insight_detail(
+                    ctx, eks_client, cluster_name, insight_id, next_token
+                )
+            else:
+                # List all insights with optional category filter
+                return await self._list_insights(
+                    ctx, eks_client, cluster_name, category, next_token
+                )
+
+        except Exception as e:
+            error_message = f'Error processing EKS insights request: {str(e)}'
+            log_with_request_id(ctx, LogLevel.ERROR, error_message)
+            return EksInsightsResponse(
+                isError=True,
+                content=[TextContent(type='text', text=error_message)],
+                cluster_name=cluster_name,
+                insights=[],
+                next_token=None,
+                detail_mode=(insight_id is not None),
+            )
+
+    async def _get_insight_detail(
+        self,
+        ctx: Context,
+        eks_client,
+        cluster_name: str,
+        insight_id: str,
+        next_token: Optional[str] = None,
+    ) -> EksInsightsResponse:
+        """Get details for a specific EKS insight."""
+        log_with_request_id(
+            ctx,
+            LogLevel.INFO,
+            f'Getting details for insight {insight_id} in cluster {cluster_name}',
+        )
+
+        try:
+            response = eks_client.describe_insight(id=insight_id, clusterName=cluster_name)
+
+            # Extract and format the insight details
+            if 'insight' in response:
+                insight_data = response['insight']
+
+                # Create insight status object
+                status_obj = EksInsightStatus(
+                    status=insight_data.get('insightStatus', {}).get('status', 'UNKNOWN'),
+                    reason=insight_data.get('insightStatus', {}).get('reason', ''),
+                )
+
+                # Handle datetime objects for timestamps
+                last_refresh_time = insight_data.get('lastRefreshTime', 0)
+                if isinstance(last_refresh_time, datetime):
+                    last_refresh_time = last_refresh_time.timestamp()
+
+                last_transition_time = insight_data.get('lastTransitionTime', 0)
+                if isinstance(last_transition_time, datetime):
+                    last_transition_time = last_transition_time.timestamp()
+
+                # Convert insight to EksInsightItem format
+                insight_item = EksInsightItem(
+                    id=insight_data.get('id', ''),
+                    name=insight_data.get('name', ''),
+                    category=insight_data.get('category', ''),
+                    kubernetes_version=insight_data.get('kubernetesVersion'),
+                    last_refresh_time=last_refresh_time,
+                    last_transition_time=last_transition_time,
+                    description=insight_data.get('description', ''),
+                    insight_status=status_obj,
+                    recommendation=insight_data.get('recommendation'),
+                    additional_info=insight_data.get('additionalInfo', {}),
+                    resources=insight_data.get('resources', []),
+                    category_specific_summary=insight_data.get('categorySpecificSummary', {}),
+                )
+
+                success_message = f'Successfully retrieved details for insight {insight_id}'
+                return EksInsightsResponse(
+                    isError=False,
+                    content=[TextContent(type='text', text=success_message)],
+                    cluster_name=cluster_name,
+                    insights=[insight_item],
+                    next_token=None,  # No pagination for detail view
+                    detail_mode=True,
+                )
+            else:
+                error_message = f'No insight details found for ID {insight_id}'
+                log_with_request_id(ctx, LogLevel.WARNING, error_message)
+                return EksInsightsResponse(
+                    isError=True,
+                    content=[TextContent(type='text', text=error_message)],
+                    cluster_name=cluster_name,
+                    insights=[],
+                    next_token=None,
+                    detail_mode=True,
+                )
+
+        except Exception as e:
+            error_message = f'Error retrieving insight details: {str(e)}'
+            log_with_request_id(ctx, LogLevel.ERROR, error_message)
+            return EksInsightsResponse(
+                isError=True,
+                content=[TextContent(type='text', text=error_message)],
+                cluster_name=cluster_name,
+                insights=[],
+                next_token=None,
+                detail_mode=True,
+            )
+
+    async def _list_insights(
+        self,
+        ctx: Context,
+        eks_client,
+        cluster_name: str,
+        category: Optional[str] = None,
+        next_token: Optional[str] = None,
+    ) -> EksInsightsResponse:
+        """List EKS insights for a cluster with optional category filtering."""
+        log_with_request_id(ctx, LogLevel.INFO, f'Listing insights for cluster {cluster_name}')
+
+        try:
+            # Build the list_insights parameters
+            list_params: dict[str, Any] = {'clusterName': cluster_name}
+
+            # Add category filter if provided
+            if category:
+                log_with_request_id(
+                    ctx, LogLevel.INFO, f'Filtering insights by category: {category}'
+                )
+                # Use the filter parameter with the correct structure
+                list_params['filter'] = {'categories': [category]}
+
+            # Add next_token if provided
+            if next_token:
+                log_with_request_id(
+                    ctx, LogLevel.INFO, 'Using pagination token for next page of results'
+                )
+                list_params['nextToken'] = next_token
+
+            response = eks_client.list_insights(**list_params)
+
+            # Extract and format the insights
+            insight_items = []
+
+            if 'insights' in response:
+                for insight_data in response['insights']:
+                    # Create insight status object
+                    status_obj = EksInsightStatus(
+                        status=insight_data.get('insightStatus', {}).get('status', 'UNKNOWN'),
+                        reason=insight_data.get('insightStatus', {}).get('reason', ''),
+                    )
+
+                    # Handle datetime objects for timestamps
+                    last_refresh_time = insight_data.get('lastRefreshTime', 0)
+                    if isinstance(last_refresh_time, datetime):
+                        last_refresh_time = last_refresh_time.timestamp()
+
+                    last_transition_time = insight_data.get('lastTransitionTime', 0)
+                    if isinstance(last_transition_time, datetime):
+                        last_transition_time = last_transition_time.timestamp()
+
+                    # Convert insight to EksInsightItem format
+                    insight_item = EksInsightItem(
+                        id=insight_data.get('id', ''),
+                        name=insight_data.get('name', ''),
+                        category=insight_data.get('category', ''),
+                        kubernetes_version=insight_data.get('kubernetesVersion'),
+                        last_refresh_time=last_refresh_time,
+                        last_transition_time=last_transition_time,
+                        description=insight_data.get('description', ''),
+                        insight_status=status_obj,
+                        # List mode doesn't include these fields
+                        recommendation=None,
+                        additional_info=None,
+                        resources=None,
+                        category_specific_summary=None,
+                    )
+
+                    insight_items.append(insight_item)
+
+            success_message = (
+                f'Successfully retrieved {len(insight_items)} insights for cluster {cluster_name}'
+            )
+            return EksInsightsResponse(
+                isError=False,
+                content=[TextContent(type='text', text=success_message)],
+                cluster_name=cluster_name,
+                insights=insight_items,
+                next_token=response.get('nextToken'),
+                detail_mode=False,
+            )
+
+        except Exception as e:
+            error_message = f'Error listing insights: {str(e)}'
+            log_with_request_id(ctx, LogLevel.ERROR, error_message)
+            return EksInsightsResponse(
+                isError=True,
+                content=[TextContent(type='text', text=error_message)],
+                cluster_name=cluster_name,
+                insights=[],
+                next_token=None,
+                detail_mode=False,
+            )

awslabs/eks_mcp_server/k8s_apis.py

@@ -418,6 +418,7 @@ class K8sApis:
         since_seconds: Optional[int] = None,
         tail_lines: Optional[int] = None,
         limit_bytes: Optional[int] = None,
+        previous: Optional[bool] = None,
     ) -> str:
         """Get logs from a pod.
 
@@ -428,6 +429,7 @@ class K8sApis:
             since_seconds: Only return logs newer than this many seconds (optional)
             tail_lines: Number of lines to return from the end of the logs (optional)
             limit_bytes: Maximum number of bytes to return (optional)
+            previous: Return previous terminated container logs (optional)
 
         Returns:
             Pod logs as a string
@@ -448,6 +450,8 @@ class K8sApis:
                 params['tail_lines'] = tail_lines
             if limit_bytes:
                 params['limit_bytes'] = limit_bytes
+            if previous:
+                params['previous'] = previous
 
             # Call the read_namespaced_pod_log method
             logs_response = core_v1_api.read_namespaced_pod_log(

awslabs/eks_mcp_server/k8s_handler.py

@@ -878,6 +878,10 @@ class K8sHandler:
             10240,
             description='Maximum number of bytes to return. Default: 10KB (10240 bytes). Prevents retrieving extremely large log files.',
         ),
+        previous: bool = Field(
+            False,
+            description='Return previous terminated container logs. Default: false. Useful to get logs for pods that are restarting.',
+        ),
     ) -> PodLogsResponse:
         """Get logs from a pod in a Kubernetes cluster.
 
@@ -905,6 +909,7 @@ class K8sHandler:
             since_seconds: Only return logs newer than this many seconds (optional)
             tail_lines: Number of lines to return from the end of the logs (defaults to 100)
             limit_bytes: Maximum number of bytes to return (defaults to 10KB)
+            previous: Return previous terminated container logs (defaults to false)
 
         Returns:
             PodLogsResponse with pod logs
@@ -934,6 +939,7 @@ class K8sHandler:
                 since_seconds=since_seconds,
                 tail_lines=tail_lines,
                 limit_bytes=limit_bytes,
+                previous=previous,
             )
 
             # Split logs into lines

awslabs/eks_mcp_server/models.py

@@ -287,3 +287,81 @@ class MetricsGuidanceResponse(CallToolResult):
         ..., description='Resource type (cluster, node, pod, namespace, service)'
     )
     metrics: List[Dict[str, Any]] = Field(..., description='List of metrics with their details')
+
+
+class EksVpcConfigResponse(CallToolResult):
+    """Response model for get_eks_vpc_config tool.
+
+    This model contains comprehensive VPC configuration details for any EKS cluster,
+    including CIDR blocks and route tables which are essential for understanding
+    network connectivity. For hybrid node setups, it also automatically identifies
+    and includes remote node and pod CIDR configurations.
+    """
+
+    vpc_id: str = Field(..., description='ID of the VPC')
+    cidr_block: str = Field(..., description='Primary CIDR block of the VPC')
+    additional_cidr_blocks: List[str] = Field(
+        [], description='Additional CIDR blocks associated with the VPC'
+    )
+    routes: List[Dict[str, Any]] = Field(
+        ..., description='List of route entries in the main route table'
+    )
+    remote_node_cidr_blocks: List[str] = Field(
+        [], description='CIDR blocks configured for remote node access (for hybrid setups)'
+    )
+    remote_pod_cidr_blocks: List[str] = Field(
+        [], description='CIDR blocks configured for remote pod access (for hybrid setups)'
+    )
+    subnets: List[Dict[str, Any]] = Field(
+        [], description='List of subnets in the VPC with their configurations'
+    )
+    cluster_name: str = Field(..., description='Name of the EKS cluster')
+
+
+class EksInsightStatus(BaseModel):
+    """Status of an EKS insight with status code and reason."""
+
+    status: str = Field(..., description='Status of the insight (e.g., PASSING, FAILING, UNKNOWN)')
+    reason: str = Field(..., description='Explanation of the current status')
+
+
+class EksInsightItem(BaseModel):
+    """Model for a single EKS insight item."""
+
+    id: str = Field(..., description='Unique identifier of the insight')
+    name: str = Field(..., description='Name of the insight')
+    category: str = Field(
+        ..., description='Category of the insight (e.g., CONFIGURATION, UPGRADE_READINESS)'
+    )
+    kubernetes_version: Optional[str] = Field(
+        None, description='Target Kubernetes version for upgrade insights'
+    )
+    last_refresh_time: float = Field(
+        ..., description='Timestamp when the insight was last refreshed'
+    )
+    last_transition_time: float = Field(
+        ..., description='Timestamp when the insight last changed status'
+    )
+    description: str = Field(..., description='Description of what the insight checks')
+    insight_status: EksInsightStatus = Field(..., description='Current status of the insight')
+    recommendation: Optional[str] = Field(
+        None, description='Recommendation for addressing the insight'
+    )
+    additional_info: Optional[Dict[str, str]] = Field(
+        None, description='Additional information links'
+    )
+    resources: Optional[List[str]] = Field(None, description='Resources involved in the insight')
+    category_specific_summary: Optional[Dict[str, Any]] = Field(
+        None, description='Additional category-specific details'
+    )
+
+
+class EksInsightsResponse(CallToolResult):
+    """Response model for get_eks_insights tool."""
+
+    cluster_name: str = Field(..., description='Name of the EKS cluster')
+    insights: List[EksInsightItem] = Field(..., description='List of insights')
+    next_token: Optional[str] = Field(None, description='Token for pagination')
+    detail_mode: bool = Field(
+        False, description='Whether the response contains detailed insight information'
+    )

awslabs/eks_mcp_server/server.py

@@ -29,7 +29,9 @@ from awslabs.eks_mcp_server.cloudwatch_metrics_guidance_handler import CloudWatc
 from awslabs.eks_mcp_server.eks_kb_handler import EKSKnowledgeBaseHandler
 from awslabs.eks_mcp_server.eks_stack_handler import EksStackHandler
 from awslabs.eks_mcp_server.iam_handler import IAMHandler
+from awslabs.eks_mcp_server.insights_handler import InsightsHandler
 from awslabs.eks_mcp_server.k8s_handler import K8sHandler
+from awslabs.eks_mcp_server.vpc_config_handler import VpcConfigHandler
 from loguru import logger
 from mcp.server.fastmcp import FastMCP
 
@@ -149,6 +151,8 @@ def main():
     K8sHandler(mcp, allow_write, allow_sensitive_data_access)
     IAMHandler(mcp, allow_write)
     CloudWatchMetricsHandler(mcp)
+    VpcConfigHandler(mcp, allow_sensitive_data_access)
+    InsightsHandler(mcp, allow_sensitive_data_access)
 
     # Run server
     mcp.run()

awslabs/eks_mcp_server/vpc_config_handler.py

@@ -0,0 +1,425 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""VPC Configuration handler for the EKS MCP Server."""
+
+from awslabs.eks_mcp_server.aws_helper import AwsHelper
+from awslabs.eks_mcp_server.logging_helper import LogLevel, log_with_request_id
+from awslabs.eks_mcp_server.models import EksVpcConfigResponse
+from mcp.server.fastmcp import Context
+from mcp.types import TextContent
+from pydantic import Field
+from typing import Optional
+
+
+class VpcConfigHandler:
+    """Handler for Amazon EKS VPC configuration.
+
+    This class provides tools for retrieving and analyzing VPC configurations
+    for EKS clusters, with special support for hybrid node setups.
+    """
+
+    def __init__(
+        self,
+        mcp,
+        allow_sensitive_data_access: bool = False,
+    ):
+        """Initialize the VPC Config handler.
+
+        Args:
+            mcp: The MCP server instance
+            allow_sensitive_data_access: Whether to allow access to sensitive data (default: False)
+        """
+        self.mcp = mcp
+        self.allow_sensitive_data_access = allow_sensitive_data_access
+
+        # Register tools
+        self.mcp.tool(name='get_eks_vpc_config')(self.get_eks_vpc_config)
+
+        # Initialize AWS clients
+        self.ec2_client = AwsHelper.create_boto3_client('ec2')
+        self.eks_client = AwsHelper.create_boto3_client('eks')
+
+    # VPC tool
+    async def get_eks_vpc_config(
+        self,
+        ctx: Context,
+        cluster_name: str = Field(
+            ...,
+            description='Name of the EKS cluster to get VPC configuration for',
+        ),
+        vpc_id: Optional[str] = Field(
+            None,
+            description='ID of the specific VPC to query (optional, will use cluster VPC if not specified)',
+        ),
+    ) -> EksVpcConfigResponse:
+        """Get VPC configuration for an EKS cluster.
+
+        This tool retrieves comprehensive VPC configuration details for any EKS cluster,
+        including CIDR blocks and route tables which are essential for understanding
+        network connectivity. For hybrid node setups, it also automatically identifies
+        and includes remote node and pod CIDR configurations.
+
+        ## Requirements
+        - The server must be run with the `--allow-sensitive-data-access` flag
+
+        ## Response Information
+        The response includes VPC CIDR blocks, route tables, and when available,
+        remote CIDR configurations for hybrid node connectivity.
+
+        ## Usage Tips
+        - Understand VPC networking configuration for any EKS cluster
+        - Examine route tables to verify proper network connectivity
+        - For hybrid setups: Check that remote node CIDR blocks are correctly configured
+        - For hybrid setups: Verify that VPC route tables include routes for hybrid node CIDRs
+
+        Args:
+            ctx: MCP context
+            cluster_name: Name of the EKS cluster
+            vpc_id: Optional ID of the specific VPC to query
+
+        Returns:
+            EksVpcConfigResponse with VPC configuration details
+        """
+        # Extract values from Field objects before passing them to the implementation method
+        vpc_id_value = None if vpc_id is None else str(vpc_id)
+
+        # Delegate to the implementation method with extracted values
+        return await self._get_eks_vpc_config_impl(ctx, cluster_name, vpc_id_value)
+
+    async def _get_vpc_id_for_cluster(self, ctx: Context, cluster_name: str) -> tuple[str, dict]:
+        """Get the VPC ID for a cluster.
+
+        Args:
+            ctx: MCP context
+            cluster_name: Name of the EKS cluster
+
+        Returns:
+            Tuple of (vpc_id, cluster_response)
+
+        Raises:
+            Exception: If the VPC ID cannot be determined
+        """
+        # Get cluster information to determine VPC ID
+        cluster_response = self.eks_client.describe_cluster(name=cluster_name)
+        vpc_id = cluster_response['cluster'].get('resourcesVpcConfig', {}).get('vpcId')
+
+        if not vpc_id:
+            error_message = f'Could not determine VPC ID for cluster {cluster_name}'
+            log_with_request_id(ctx, LogLevel.ERROR, error_message)
+            raise Exception(error_message)
+
+        return vpc_id, cluster_response
+
+    async def _get_vpc_details(self, ctx: Context, vpc_id: str) -> tuple[str, list[str]]:
+        """Get VPC details using the VPC ID.
+
+        Args:
+            ctx: MCP context
+            vpc_id: ID of the VPC to query
+
+        Returns:
+            Tuple of (cidr_block, additional_cidr_blocks)
+
+        Raises:
+            Exception: If the VPC is not found
+        """
+        # Get VPC details
+        vpc_response = self.ec2_client.describe_vpcs(VpcIds=[vpc_id])
+
+        if not vpc_response['Vpcs']:
+            error_message = f'VPC {vpc_id} not found'
+            log_with_request_id(ctx, LogLevel.ERROR, error_message)
+            raise Exception(error_message)
+
+        # Extract VPC information
+        vpc = vpc_response['Vpcs'][0]
+        cidr_block = vpc.get('CidrBlock', '')
+        additional_cidr_blocks = [
+            cidr_association.get('CidrBlock', '')
+            for cidr_association in vpc.get('CidrBlockAssociationSet', [])[1:]
+            if 'CidrBlock' in cidr_association
+        ]
+
+        return cidr_block, additional_cidr_blocks
+
+    async def _get_subnet_information(self, ctx: Context, vpc_id: str) -> list[dict]:
+        """Get subnet information for a VPC.
+
+        Args:
+            ctx: MCP context
+            vpc_id: ID of the VPC to query
+
+        Returns:
+            List of subnet information dictionaries
+        """
+        # Get subnets for the VPC
+        subnets_response = self.ec2_client.describe_subnets(
+            Filters=[{'Name': 'vpc-id', 'Values': [vpc_id]}]
+        )
+
+        subnets = []
+        for subnet in subnets_response.get('Subnets', []):
+            # Extract all subnet information to variables first
+            subnet_id = subnet.get('SubnetId', '')
+            subnet_cidr_block = subnet.get('CidrBlock', '')
+            az_id = subnet.get('AvailabilityZoneId', '')
+            az_name = subnet.get('AvailabilityZone', '')
+            available_ips = subnet.get('AvailableIpAddressCount', 0)
+            is_public = subnet.get('MapPublicIpOnLaunch', False)
+            assign_ipv6 = subnet.get('AssignIpv6AddressOnCreation', False)
+
+            # Check for disallowed AZs
+            disallowed_azs = ['use1-az3', 'usw1-az2', 'cac1-az3']
+            in_disallowed_az = az_id in disallowed_azs
+            has_sufficient_ips = available_ips >= 16  # AWS recommends 16
+
+            # Store subnet information
+            subnet_info = {
+                'subnet_id': subnet_id,
+                'cidr_block': subnet_cidr_block,
+                'az_id': az_id,
+                'az_name': az_name,
+                'available_ips': available_ips,
+                'is_public': is_public,
+                'assign_ipv6': assign_ipv6,
+                'in_disallowed_az': in_disallowed_az,
+                'has_sufficient_ips': has_sufficient_ips,
+            }
+            subnets.append(subnet_info)
+
+        return subnets
+
+    async def _get_route_table_information(self, ctx: Context, vpc_id: str) -> list[dict]:
+        """Get route table information for a VPC.
+
+        Args:
+            ctx: MCP context
+            vpc_id: ID of the VPC to query
+
+        Returns:
+            List of route information dictionaries
+        """
+        # Get route tables for the VPC
+        route_tables_response = self.ec2_client.describe_route_tables(
+            Filters=[{'Name': 'vpc-id', 'Values': [vpc_id]}]
+        )
+
+        # Extract route information from the main route table
+        routes = []
+        for rt in route_tables_response.get('RouteTables', []):
+            # Check if this is the main route table
+            is_main = False
+            for association in rt.get('Associations', []):
+                if association.get('Main', False):
+                    is_main = True
+                    break
+
+            if is_main:
+                for route in rt.get('Routes', []):
+                    # Skip the local route
+                    if route.get('GatewayId') == 'local':
+                        continue
+
+                    # Determine the target type and ID
+                    target_type = None
+                    target_id = None
+
+                    for target_field in [
+                        'GatewayId',
+                        'NatGatewayId',
+                        'TransitGatewayId',
+                        'NetworkInterfaceId',
+                        'VpcPeeringConnectionId',
+                    ]:
+                        if target_field in route and route[target_field]:
+                            target_type = target_field.replace('Id', '').lower()
+                            target_id = route[target_field]
+                            break
+
+                    route_info = {
+                        'destination_cidr_block': route.get('DestinationCidrBlock', ''),
+                        'target_type': target_type or 'unknown',
+                        'target_id': target_id or 'unknown',
+                        'state': route.get('State', ''),
+                    }
+                    routes.append(route_info)
+
+        return routes
+
+    async def _get_remote_cidr_blocks(
+        self, ctx: Context, cluster_name: str, cluster_response: Optional[dict] = None
+    ) -> tuple[list[str], list[str]]:
+        """Get remote node and pod CIDR blocks.
+
+        Args:
+            ctx: MCP context
+            cluster_name: Name of the EKS cluster
+            cluster_response: Cluster response from a previous API call
+
+        Returns:
+            Tuple of (remote_node_cidr_blocks, remote_pod_cidr_blocks)
+        """
+        remote_node_cidr_blocks = []
+        remote_pod_cidr_blocks = []
+
+        # Extract remote network config from the cluster response
+        if cluster_response and 'cluster' in cluster_response:
+            if 'remoteNetworkConfig' in cluster_response['cluster']:
+                remote_config = cluster_response['cluster']['remoteNetworkConfig']
+
+                # Extract remote node CIDRs
+                if 'remoteNodeNetworks' in remote_config:
+                    for network in remote_config['remoteNodeNetworks']:
+                        if 'cidrs' in network:
+                            for cidr in network['cidrs']:
+                                if cidr not in remote_node_cidr_blocks:
+                                    remote_node_cidr_blocks.append(cidr)
+                                    log_with_request_id(
+                                        ctx,
+                                        LogLevel.INFO,
+                                        f'Found remote node CIDR in remoteNetworkConfig: {cidr}',
+                                    )
+
+                # Extract remote pod CIDRs
+                if 'remotePodNetworks' in remote_config:
+                    for network in remote_config['remotePodNetworks']:
+                        if 'cidrs' in network:
+                            for cidr in network['cidrs']:
+                                if cidr not in remote_pod_cidr_blocks:
+                                    remote_pod_cidr_blocks.append(cidr)
+                                    log_with_request_id(
+                                        ctx,
+                                        LogLevel.INFO,
+                                        f'Found remote pod CIDR in remoteNetworkConfig: {cidr}',
+                                    )
+
+        # Log summary of detected CIDRs
+        if remote_node_cidr_blocks:
+            log_with_request_id(
+                ctx,
+                LogLevel.INFO,
+                f'Detected remote node CIDRs: {", ".join(remote_node_cidr_blocks)}',
+            )
+        else:
+            log_with_request_id(ctx, LogLevel.WARNING, 'No remote node CIDRs detected')
+
+        if remote_pod_cidr_blocks:
+            log_with_request_id(
+                ctx,
+                LogLevel.INFO,
+                f'Detected remote pod CIDRs: {", ".join(remote_pod_cidr_blocks)}',
+            )
+        else:
+            log_with_request_id(ctx, LogLevel.WARNING, 'No remote pod CIDRs detected')
+
+        return remote_node_cidr_blocks, remote_pod_cidr_blocks
+
+    async def _get_eks_vpc_config_impl(
+        self, ctx: Context, cluster_name: str, vpc_id: Optional[str] = None
+    ) -> EksVpcConfigResponse:
+        """Internal implementation of get_eks_vpc_config."""
+        try:
+            # Always get the cluster response for remote CIDR information
+            cluster_response = None
+            try:
+                if not vpc_id:
+                    # Get both VPC ID and cluster response
+                    vpc_id, cluster_response = await self._get_vpc_id_for_cluster(
+                        ctx, cluster_name
+                    )
+                else:
+                    # Just get the cluster response when VPC ID is provided
+                    _, cluster_response = await self._get_vpc_id_for_cluster(ctx, cluster_name)
+            except Exception as eks_error:
+                error_message = f'Error getting cluster information: {str(eks_error)}'
+                log_with_request_id(ctx, LogLevel.ERROR, error_message)
+                return EksVpcConfigResponse(
+                    isError=True,
+                    content=[TextContent(type='text', text=error_message)],
+                    vpc_id='',
+                    cidr_block='',
+                    additional_cidr_blocks=[],  # Add missing parameter
+                    routes=[],
+                    remote_node_cidr_blocks=[],
+                    remote_pod_cidr_blocks=[],
+                    subnets=[],
+                    cluster_name=cluster_name,
+                )
+
+            try:
+                # Get VPC details
+                cidr_block, additional_cidr_blocks = await self._get_vpc_details(ctx, vpc_id)
+
+                # Get subnet information
+                subnets = await self._get_subnet_information(ctx, vpc_id)
+
+                # Get route table information
+                routes = await self._get_route_table_information(ctx, vpc_id)
+
+                # Get remote CIDR blocks
+                (
+                    remote_node_cidr_blocks,
+                    remote_pod_cidr_blocks,
+                ) = await self._get_remote_cidr_blocks(ctx, cluster_name, cluster_response)
+
+                # Create the response
+                success_message = (
+                    f'Retrieved VPC configuration for {vpc_id} (cluster {cluster_name})'
+                )
+                log_with_request_id(ctx, LogLevel.INFO, success_message)
+
+                return EksVpcConfigResponse(
+                    isError=False,
+                    content=[TextContent(type='text', text=success_message)],
+                    vpc_id=vpc_id,
+                    cidr_block=cidr_block,
+                    additional_cidr_blocks=additional_cidr_blocks,
+                    routes=routes,
+                    remote_node_cidr_blocks=remote_node_cidr_blocks,
+                    remote_pod_cidr_blocks=remote_pod_cidr_blocks,
+                    subnets=subnets,
+                    cluster_name=cluster_name,
+                )
+            except Exception as e:
+                error_message = f'Error retrieving VPC configuration: {str(e)}'
+                log_with_request_id(ctx, LogLevel.ERROR, error_message)
+                return EksVpcConfigResponse(
+                    isError=True,
+                    content=[TextContent(type='text', text=error_message)],
+                    vpc_id='',
+                    cidr_block='',
+                    additional_cidr_blocks=[],  # Add missing parameter
+                    routes=[],
+                    remote_node_cidr_blocks=[],
+                    remote_pod_cidr_blocks=[],
+                    subnets=[],
+                    cluster_name=cluster_name,
+                )
+
+        except Exception as e:
+            error_message = f'Error retrieving VPC configuration: {str(e)}'
+            log_with_request_id(ctx, LogLevel.ERROR, error_message)
+            return EksVpcConfigResponse(
+                isError=True,
+                content=[TextContent(type='text', text=error_message)],
+                vpc_id='',
+                cidr_block='',
+                additional_cidr_blocks=[],  # Add missing parameter
+                routes=[],
+                remote_node_cidr_blocks=[],
+                remote_pod_cidr_blocks=[],
+                subnets=[],
+                cluster_name=cluster_name,
+            )

{awslabs_eks_mcp_server-0.1.10.dist-info → awslabs_eks_mcp_server-0.1.13.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: awslabs.eks-mcp-server
-Version: 0.1.10
+Version: 0.1.13
 Summary: An AWS Labs Model Context Protocol (MCP) server for EKS
 Project-URL: homepage, https://awslabs.github.io/mcp/
 Project-URL: docs, https://awslabs.github.io/mcp/servers/eks-mcp-server/
@@ -69,6 +69,11 @@ For read operations, the following permissions are required:
       "Effect": "Allow",
       "Action": [
         "eks:DescribeCluster",
+        "eks:DescribeInsight",
+        "eks:ListInsights",
+        "ec2:DescribeVpcs",
+        "ec2:DescribeSubnets",
+        "ec2:DescribeRouteTables",
         "cloudformation:DescribeStacks",
         "cloudwatch:GetMetricData",
         "logs:StartQuery",
@@ -417,7 +422,7 @@ Features:
 
 Parameters:
 
-* cluster_name, pod_name, namespace, container_name (optional), since_seconds (optional), tail_lines (optional), limit_bytes (optional)
+* cluster_name, pod_name, namespace, container_name (optional), since_seconds (optional), tail_lines (optional), limit_bytes (optional), previous (optional)
 
 #### `get_k8s_events`
 
@@ -433,6 +438,22 @@ Parameters:
 
 * cluster_name, kind, name, namespace (optional)
 
+#### `get_eks_vpc_config`
+
+Retrieves comprehensive VPC configuration details for EKS clusters, with support for hybrid node setups.
+
+Features:
+
+* Returns detailed VPC configuration including CIDR blocks, route tables, and subnet information
+* Automatically identifies and includes remote node and pod CIDR configurations for hybrid node setups
+* Validates subnet capacity for EKS networking requirements
+* Flags subnets in disallowed availability zones that can't be used with EKS
+* Requires `--allow-sensitive-data-access` server flag to be enabled
+
+Parameters:
+
+* cluster_name, vpc_id (optional)
+
 ### CloudWatch Integration
 
 #### `get_cloudwatch_logs`
@@ -536,6 +557,23 @@ Parameters:
 
 * query
 
+#### `get_eks_insights`
+
+Retrieves Amazon EKS Insights that identify potential issues with your EKS cluster configuration and upgrade readiness.
+
+Features:
+
+* Returns insights in two categories: MISCONFIGURATION and UPGRADE_READINESS (for upgrade blockers)
+* Supports both list mode (all insights) and detail mode (specific insight with recommendations)
+* Includes status, descriptions, and timestamps for each insight
+* Provides detailed recommendations for addressing identified issues when using detail mode
+* Supports optional filtering by insight category
+* Requires `--allow-sensitive-data-access` server flag to be enabled
+
+Parameters:
+
+* cluster_name, insight_id (optional), category (optional), next_token (optional)
+
 
 ## Security & permissions
 
@@ -567,7 +605,7 @@ When using the EKS MCP Server, consider the following:
 
 The EKS MCP Server can be used for production environments with proper security controls in place. The server runs in read-only mode by default, which is recommended and considered generally safer for production environments. Only explicitly enable write access when necessary. Below are the EKS MCP server tools available in read-only versus write-access mode:
 
-* **Read-only mode (default)**: `manage_eks_stacks` (with operation="describe"), `manage_k8s_resource` (with operation="read"), `list_k8s_resources`, `get_pod_logs`, `get_k8s_events`, `get_cloudwatch_logs`, `get_cloudwatch_metrics`, `get_policies_for_role`, `search_eks_troubleshoot_guide`, `list_api_versions`.
+* **Read-only mode (default)**: `manage_eks_stacks` (with operation="describe"), `manage_k8s_resource` (with operation="read"), `list_k8s_resources`, `get_pod_logs`, `get_k8s_events`, `get_cloudwatch_logs`, `get_cloudwatch_metrics`, `get_policies_for_role`, `search_eks_troubleshoot_guide`, `list_api_versions`, `get_eks_vpc_config`, `get_eks_insights`.
 * **Write-access mode**: (require `--allow-write`): `manage_eks_stacks` (with "generate", "deploy", "delete"), `manage_k8s_resource` (with "create", "replace", "patch", "delete"), `apply_yaml`, `generate_app_manifest`, `add_inline_policy`.
 
 #### `autoApprove` (optional)

{awslabs_eks_mcp_server-0.1.10.dist-info → awslabs_eks_mcp_server-0.1.13.dist-info}/RECORD

@@ -1,5 +1,5 @@
 awslabs/__init__.py,sha256=WuqxdDgUZylWNmVoPKiK7qGsTB_G4UmuXIrJ-VBwDew,731
-awslabs/eks_mcp_server/__init__.py,sha256=tPktLgHOifJcN-ETEdq1fav2qyG6m36qqmgUpp7fRX0,669
+awslabs/eks_mcp_server/__init__.py,sha256=l3da-u1n3oy8cuxMtz1_wJvoRox4rwaxDLjR4C9jKwc,669
 awslabs/eks_mcp_server/aws_helper.py,sha256=Is0BCVPjhO-AqKFF0MnGpzNRjAe8E896VGrKWCz4gfo,4031
 awslabs/eks_mcp_server/cloudwatch_handler.py,sha256=k3GsORIFswOknxYM0reCBsCHXn--gSwl7WVtxkUTyzg,28853
 awslabs/eks_mcp_server/cloudwatch_metrics_guidance_handler.py,sha256=b0fFMvsGX98HKK4kVFI1YbhZqZC623lZ6TNXs3EiRSI,5283
@@ -7,20 +7,22 @@ awslabs/eks_mcp_server/consts.py,sha256=XBat-KcMckueQQpDeLkD_Nv_9G9kX0_d48sMEHtZ
 awslabs/eks_mcp_server/eks_kb_handler.py,sha256=6L3wS500AadKburhwf0zXEapXscd4VZCTY8t61u-j1Y,3548
 awslabs/eks_mcp_server/eks_stack_handler.py,sha256=p4Cbjcb7ga52hPo6-M1FFWhgIpuI0X4Hx024k4wxcwQ,27400
 awslabs/eks_mcp_server/iam_handler.py,sha256=lXA4acsBJAy5IekgdJM_yVzaaztanrPSpqX84ttSlO0,14817
-awslabs/eks_mcp_server/k8s_apis.py,sha256=q6tDabq2rpTKxdT5RoBEb0ebWc5bZ8V8tt498C-YOZs,21141
+awslabs/eks_mcp_server/insights_handler.py,sha256=Tc-2UkNReALQ_5L36BqiufGwy-AKkvt_g0W5ORhc52M,14374
+awslabs/eks_mcp_server/k8s_apis.py,sha256=qyRmT8i390wp-L3gVYqmtGBt5HDELTvUFto7fsVKBio,21328
 awslabs/eks_mcp_server/k8s_client_cache.py,sha256=vm-8VKC3zaCqpW9pOUmRDFulxzYCX8p8OvyOgtvh96o,5697
-awslabs/eks_mcp_server/k8s_handler.py,sha256=vA08ONRDky7S5hINif8hxe_Y1KAArQDzOao1YLf4Uck,49447
+awslabs/eks_mcp_server/k8s_handler.py,sha256=ztN5Tvf9cNNbSHxlgBua_o9-VsZH7YpVTw0ef4We3gE,49763
 awslabs/eks_mcp_server/logging_helper.py,sha256=hr8xZhAZOKyR7dkwc7bhqkDVuSDI3BRK3-UzllQkWgE,1854
-awslabs/eks_mcp_server/models.py,sha256=edsXbSfAPKR2o_0HVffLjUFlIbRJ5JxtuPFJZw028P0,12242
-awslabs/eks_mcp_server/server.py,sha256=UHKhCEgR7D5pXpH1xnpMyOfRLZ9o9d327n5c311erGI,6704
+awslabs/eks_mcp_server/models.py,sha256=fMiuW2XYsrBA6eI8s1O0y_xN73Q-Q9yOf0xJmBsr-c8,15631
+awslabs/eks_mcp_server/server.py,sha256=VjbDh-Kh-3sMwb9NXXp6kYoL9RRa6ikq-JzHeQZ-7PA,6952
+awslabs/eks_mcp_server/vpc_config_handler.py,sha256=iWOK0kSFrgdFszxUHKVt4e0GFfSgphgJqsYVSREWbIM,17144
 awslabs/eks_mcp_server/data/eks_cloudwatch_metrics_guidance.json,sha256=a4tzVdwpF_0kZGwOJCDEQskScp5rjRU89M7ONp3HpdA,9304
 awslabs/eks_mcp_server/scripts/update_eks_cloudwatch_metrics_guidance.py,sha256=Y1OvU85wc3WIviUbabbGCCO-DvJwtP2UU9ABuEMSNyY,10099
 awslabs/eks_mcp_server/templates/eks-templates/eks-with-vpc.yaml,sha256=_Lxk2MEXNA7N0-kvXckxwBamDEagjGvC6-Z5uxhVO5s,10774
 awslabs/eks_mcp_server/templates/k8s-templates/deployment.yaml,sha256=J2efYFISlT3sTvf8_BJV3p0_m51cltqiRhXdBXb9YJs,2343
 awslabs/eks_mcp_server/templates/k8s-templates/service.yaml,sha256=DA0Db_5yjUZmnnYy5Bljcv3hj7D6YvFFWFRB6GiIstY,414
-awslabs_eks_mcp_server-0.1.10.dist-info/METADATA,sha256=PolPJ81QfeKPKiy674tf5arnWVw7lvVx6hYT0SFG1Lc,29842
-awslabs_eks_mcp_server-0.1.10.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-awslabs_eks_mcp_server-0.1.10.dist-info/entry_points.txt,sha256=VydotfOJYck8o4TPsaF6Pjmc8Bp_doacYXSE_71qH4c,78
-awslabs_eks_mcp_server-0.1.10.dist-info/licenses/LICENSE,sha256=CeipvOyAZxBGUsFoaFqwkx54aPnIKEtm9a5u2uXxEws,10142
-awslabs_eks_mcp_server-0.1.10.dist-info/licenses/NOTICE,sha256=gnCtD34qTDnb2Lykm9kNFYkqZIvqJHGuq1ZJBkl6EgE,90
-awslabs_eks_mcp_server-0.1.10.dist-info/RECORD,,
+awslabs_eks_mcp_server-0.1.13.dist-info/METADATA,sha256=k9hpWwKrhEL_j-axjOfHWeX3DgfYnNPbIeecpY7LynM,31384
+awslabs_eks_mcp_server-0.1.13.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+awslabs_eks_mcp_server-0.1.13.dist-info/entry_points.txt,sha256=VydotfOJYck8o4TPsaF6Pjmc8Bp_doacYXSE_71qH4c,78
+awslabs_eks_mcp_server-0.1.13.dist-info/licenses/LICENSE,sha256=CeipvOyAZxBGUsFoaFqwkx54aPnIKEtm9a5u2uXxEws,10142
+awslabs_eks_mcp_server-0.1.13.dist-info/licenses/NOTICE,sha256=gnCtD34qTDnb2Lykm9kNFYkqZIvqJHGuq1ZJBkl6EgE,90
+awslabs_eks_mcp_server-0.1.13.dist-info/RECORD,,