Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS IAM Role Tagging #10488

Merged
merged 2 commits into from
Dec 30, 2020
Merged

AWS IAM Role Tagging #10488

merged 2 commits into from
Dec 30, 2020

Conversation

rifelpet
Copy link
Member

@rifelpet rifelpet commented Dec 22, 2020
edited
Loading

Ref: #9640

This adds support for tagging IAM roles with the usual cloud tags, as demonstrated by the updated integration test outputs.

An idea I had for this was to add tags for service account roles that specify the service account name and namespace but we need to decide on the tag keys to use. I'm not aware of any official recommendations for this but we could do something similar to what the aws-load-balancer-controller does for ingress tags:

https://github.com/kubernetes-sigs/aws-load-balancer-controller/blob/9776d298fddc1bb7fe9245510467d2507580ec96/internal/alb/generator/tag.go#L14

kubernetes.io/namespace
kubernetes.io/service-account-name

I'd like to ensure that would be acceptable first given the reserved nature of kubernetes.io. Any ideas @justinsb?

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Dec 22, 2020
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rifelpet

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added area/provider/aws Issues or PRs related to aws provider approved Indicates a PR has been approved by an approver from all required OWNERS files. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels Dec 22, 2020
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Dec 23, 2020
@hakman
Copy link
Member

hakman commented Dec 30, 2020

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Dec 30, 2020
@k8s-ci-robot k8s-ci-robot merged commit 22a9a13 into kubernetes:master Dec 30, 2020
@k8s-ci-robot k8s-ci-robot added this to the v1.20 milestone Dec 30, 2020
@rifelpet rifelpet deleted the iam-role-tag branch May 5, 2021 13:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@KashifSaadat KashifSaadat Awaiting requested review from KashifSaadat

@rdrgmnzs rdrgmnzs Awaiting requested review from rdrgmnzs

Assignees

@hakman hakman

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/provider/aws Issues or PRs related to aws provider cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
v1.20
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@rifelpet @k8s-ci-robot @hakman