aws-iam-authenticator error “could not load/generate a certificate” can be resolved by terminating master node
You can use Amazon EC2 Instance Connect which provides a simple and secure way to connect to your instances using Secure Shell (SSH).
Your source code is in bitbucket and your bitbucket setting requires whitelisting of server IP. You want to clone the repo on bastion server.
Additional user-data can be passed to the host provisioning by setting the additionalUserData field.
You can install a Kubernetes cluster on AWS using a tool called kops. kops provisions fully automated installation of cluster.
Agent forwarding is a mechanism whereby an SSH client allows an SSH server to use the local agent on the server, the user logs into, as if it was local there.
You can use psql command to import CSV data file to automate the process of importing data.
You can create kubernetes cluster using kops command in your existing VPC and hosted zone. Kops will create rest of the required AWS resources.
You do not need to create SSO in different AWS account to restrict or Deny permissions to users for different services especially IAM and SSO itself.
To filter Athena query data between two dates, you have to convert the date column data (saved as string) into timestamp and then type cast using date function.