Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable encyption_config in EKS Cluster Creation (secrets using KMS at rest - on etcd -) #59

Closed
omerfsen opened this issue May 3, 2020 · 0 comments · Fixed by #62
Closed

Enable encyption_config in EKS Cluster Creation (secrets using KMS at rest - on etcd -) #59

omerfsen opened this issue May 3, 2020 · 0 comments · Fixed by #62

Comments

@omerfsen
Copy link
Sponsor

omerfsen commented May 3, 2020
edited by osterman

Have a question? Please checkout our Slack Community or visit our Slack Archive.

Slack Community

Describe the Feature

aws_eks_cluster now support Encryption Config to use KMS on Secrets on rest (etcd)

Expected Behavior

To have:

  cluster_encryption_config = [
    {
      provider_key_arn = aws_kms_key.eks.arn
      resources        = ["secrets"]
    }
  ]

Use Case

https://aws.amazon.com/blogs/containers/using-eks-encryption-provider-support-for-defense-in-depth/

Describe Ideal Solution

A clear and concise description of what you want to happen. If you don't know, that's okay.

Alternatives Considered

Explain what alternative solutions or features you've considered.

Additional Context

Add any other context or screenshots about the feature request here.
@RothAndrew RothAndrew linked a pull request Jun 12, 2020 that will close this issue
Enable encryption config #62
Merged
@vkhatri vkhatri mentioned this issue Aug 3, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Enable encryption config vkhatri/terraform-aws-eks-cluster
1 participant
@omerfsen