Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support specifying assume_role_arn for Kube cluster matchers #28282

Merged
merged 2 commits into from
Jun 28, 2023
Merged

Support specifying assume_role_arn for Kube cluster matchers #28282

merged 2 commits into from
Jun 28, 2023

Commits on Jun 26, 2023

  1. Support specifiying assume_role_arn for Kube cluster matchers 

    This PR allows users to assume different AWS roles when interacting with
AWS EKS API. It allows users to proxy EKS clusters in different AWS
accounts using the same Teleport Kubernetes Service.

Example configuration:

```yaml

kubernetes_service:
  enabled: true
  resources:
  - labels:
      'a': 'b'
    aws:
      assume_role_arn: "arn:aws:iam::0987654321:role/KubeAccess"
      external_id: "0987654321"
  - labels:
      'c': 'd'
    aws:
      assume_role_arn: "arn:aws:iam::123456789012:role/KubeAccess"
      external_id: "123456789012"

```
    @tigrato
    tigrato committed Jun 26, 2023
    Configuration menu
    Copy the full SHA
    230bd2d View commit details
    Browse the repository at this point in the history

Commits on Jun 27, 2023

  1. reuse eks token validation

    @tigrato
    tigrato committed Jun 27, 2023
    Configuration menu
    Copy the full SHA
    e919413 View commit details
    Browse the repository at this point in the history