Yandex Cloud
Search
Contact UsGet started
  • Blog
  • Pricing
  • Documentation
  • All Services
  • System Status
    • Featured
    • Infrastructure & Network
    • Data Platform
    • Containers
    • Developer tools
    • Serverless
    • Security
    • Monitoring & Resources
    • ML & AI
    • Business tools
  • All Solutions
    • By industry
    • By use case
    • Economics and Pricing
    • Security
    • Technical Support
    • Customer Stories
    • Cloud credits to scale your IT product
    • Gateway to Russia
    • Cloud for Startups
    • Education and Science
    • Yandex Cloud Partner program
  • Blog
  • Pricing
  • Documentation
© 2025 Direct Cursus Technology L.L.C.
Yandex Managed Service for Kubernetes
  • Comparison with other Yandex Cloud services
  • Getting started
    • All guides
    • Connecting to a node over SSH
    • Connecting to a node via OS Login
    • Updating Kubernetes
    • Configuring autoscaling
      • Connection method overview
      • Configuring security groups
      • Creating a static configuration file
    • Connecting external nodes to the cluster
  • Access management
  • Pricing policy
  • Terraform reference
  • Monitoring metrics
  • Audit Trails events
  • Release notes

In this article:

  • Configuring security groups
  • Connecting to a cluster
  • Connecting using a static configuration
  1. Step-by-step guides
  2. Connecting to a cluster
  3. Connection method overview

Connection method overview

Written by
Yandex Cloud
Updated at May 5, 2025
  • Configuring security groups
  • Connecting to a cluster
  • Connecting using a static configuration

You can connect to a Managed Service for Kubernetes cluster using the following methods:

  • Over the internet if you configured public access for the cluster when creating it.
  • From Yandex Cloud virtual machines located in the same cloud network.

To connect to a cluster, you can use:

  • kubectl
  • Static configuration file

To connect to cluster nodes, follow the instructions in Connecting to a node over SSH.

Configuring security groupsConfiguring security groups

Security groups may block cluster connections. To manage a cluster using kubectl, you must have rules in security groups that allow access to the Kubernetes API. If you need a step-by-step guide on setting up rules, see Rules to access the Kubernetes API.

Connecting to a clusterConnecting to a cluster

When connecting to a Kubernetes cluster, the user logs in to Yandex Identity and Access Management and is granted access based on the assigned role. To log in, you must install the Yandex Cloud command-line interface (CLI).

If you do not have the Yandex Cloud CLI yet, install and initialize it.

The folder specified when creating the CLI profile is used by default. To change the default folder, use the yc config set folder-id <folder_ID> command. You can specify a different folder using the --folder-name or --folder-id parameter.

To connect to a cluster:

  1. Install kubectl.

  2. Add credentials to the kubectl configuration file depending on the type of the IP address of the cluster you are connecting to:

    Public IP address
    Internal IP address

    To get credentials to connect to the cluster's public IP address via the internet, run this command:

    yc managed-kubernetes cluster \
       get-credentials <cluster_name_or_ID> \
       --external
    

    You can also run this command from the management console. Go to the Overview page for the appropriate cluster and click Get started in the top-right corner.

    If you created your cluster with no public IP address, this cluster can only be connected to using its internal IP.

    To get credentials to connect to the cluster's internal IP address from a VM located in the same network, run this command:

    yc managed-kubernetes cluster \
       get-credentials <cluster_name_or_ID> \
       --internal
    

    You can also run this command from the management console. Go to the Overview page for the appropriate cluster and click Get started in the top-right corner.

    Note

    By default, credentials are added to the $HOME/.kube/config file. If you need to change the configuration location, use the --kubeconfig <file_path> flag.

  3. Make sure the cluster is accessible:

    kubectl cluster-info
    

    If kubectl is configured correctly, the command will return cluster information.

Connecting using a static configurationConnecting using a static configuration

If you cannot use the Yandex Cloud CLI for some reason, connect to a cluster using static configuration files.

Was the article helpful?

Previous
Configuring autoscaling
Next
Configuring security groups
© 2025 Direct Cursus Technology L.L.C.