New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for 'access entries' for authentication in EKS clusters #39
Conversation
…ion-reference-architectures into eks-api-auth
@@ -1,9 +1,6 @@ | |||
apiVersion: storage.k8s.io/v1 | |||
kind: StorageClass | |||
metadata: | |||
labels: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This isn't related to EKS API authentication, it's just some labels that should not be in the StorageClass example.
@@ -7,6 +7,8 @@ parameters: | |||
csi.storage.k8s.io/fstype: xfs | |||
type: gp3 | |||
encrypted: "true" | |||
throughput: "125" # default |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also not related to EKS API auth, just added the default throughput and iops settings for gp3 so it's more clear that's what you get unless you set it.
What type of PR is this?
/kind feature
What this PR does / why we need it:
This PR introduces support for 'access entries' that allows for management of the users and roles that can access an EKS cluster's API from the outside the cluster.
This feature was released late last year: https://aws.amazon.com/blogs/containers/a-deep-dive-into-simplified-amazon-eks-access-management-controls/
The default (which is 'ConfigMap') has been left to maintain backwards compatibility.
Which issue(s) this PR fixes:
Special notes for your reviewer: