argocd-k8s-auth aws command dont have flag for region-code #11207
Labels
enhancement
New feature or request
Comments
|
Can you show something which indicates that managing clusters in regions other than where Argo CD is not working? I've been able to manage clusters across regions (and accounts) with |
|
Closing for now, if this is something which doesn't work feel free to re-open this issue. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
we have six eks clusters, and we have a ops eks cluster, deploy argocd in the ops eks cluster.
use an iam role sts assume for other aws accounts role to mange eks cluster
Motivation
my argocd serviceaccount have an iam role for sts assume to other accounts
can argocd-k8s-auth aws command have the region-code flag set?
like this
{ "tlsClientConfig": { "insecure": false, "caData": "LS0...==" }, "execProviderConfig": { "command": "aws", "args": [ "--region", "ap-northeast-1", "eks", "get-token", "--cluster-name", "[eks-cluster-name]", "--role", "arn:aws:iam::[aws-account-id]:role/[role-name]" ], "env": null, "apiVersion": "client.authentication.k8s.io/v1beta1", "installHint": "aws dont exist" } }Proposal
https://aws.amazon.com/premiumsupport/knowledge-center/amazon-eks-cluster-access/?nc1=h_ls
i use this docs to configure my eks clusters
i want have a region field in the awsAuthConfig configuration and a sts assume configuration,
this can use the arocd container identity role to aussme other aws role
like this:
{ ... "awsAuthConfig": { "region": "us-east-1", "clusterName": "[eks-cluster-name]", "assumeRoleARN": "arn:aws:iam::[aws-account-id]:role/[role-name]" }, .... }The text was updated successfully, but these errors were encountered: