From 64d51f0c813e2f881876ec124cb85b4d845f139d Mon Sep 17 00:00:00 2001 From: Zhiming Guo Date: Tue, 14 Apr 2020 23:33:20 +1000 Subject: [PATCH 1/3] Update security_groups.md --- docs/security_groups.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/security_groups.md b/docs/security_groups.md index e7fdf71cf3823..dca1edbcde770 100644 --- a/docs/security_groups.md +++ b/docs/security_groups.md @@ -8,8 +8,10 @@ Kops will still output any differences in the managed and your own Security Grou This is convenient for determining policy changes that need to be made when upgrading Kops. **Using Managed Security Groups will not output these differences, it is up to the user to track expected changes to policies.** -*NOTE: Currently Kops only supports using existing Security Groups for every instance group and Load Balancer in the Cluster, not a mix of existing and managed Security Groups. +NOTE: +- *Currently Kops only supports using existing Security Groups for every instance group and Load Balancer in the Cluster, not a mix of existing and managed Security Groups. This is due to the lifecycle overrides being used to prevent creation of the Security Groups related resources.* +- *Kops will still try to add necessary security group rules to the specified existing security group, despite that the name of field is "securityGroupOverride".* To do this first specify the Security Groups for the ELB (if you are using a LB) and Instance Groups Example: From f77f3a9204e26f852ba38b59cbc9a6400ae448dd Mon Sep 17 00:00:00 2001 From: Zhiming Guo Date: Thu, 16 Apr 2020 00:28:35 +1000 Subject: [PATCH 2/3] Update docs/security_groups.md Co-Authored-By: Peter Rifel --- docs/security_groups.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/security_groups.md b/docs/security_groups.md index dca1edbcde770..c87d25352964d 100644 --- a/docs/security_groups.md +++ b/docs/security_groups.md @@ -11,7 +11,7 @@ This is convenient for determining policy changes that need to be made when upgr NOTE: - *Currently Kops only supports using existing Security Groups for every instance group and Load Balancer in the Cluster, not a mix of existing and managed Security Groups. This is due to the lifecycle overrides being used to prevent creation of the Security Groups related resources.* -- *Kops will still try to add necessary security group rules to the specified existing security group, despite that the name of field is "securityGroupOverride".* +- *Kops will add necessary rules to the security group specified in `securityGroupOverride`.* To do this first specify the Security Groups for the ELB (if you are using a LB) and Instance Groups Example: From ee0593be0056318de9df460f7009f78d0e2043ad Mon Sep 17 00:00:00 2001 From: Zhiming Guo Date: Thu, 16 Apr 2020 19:38:29 +1000 Subject: [PATCH 3/3] update security_groups.md try to make it render properly on Netlify's markdown engine --- docs/security_groups.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/security_groups.md b/docs/security_groups.md index c87d25352964d..179964d2b66e8 100644 --- a/docs/security_groups.md +++ b/docs/security_groups.md @@ -9,6 +9,7 @@ This is convenient for determining policy changes that need to be made when upgr **Using Managed Security Groups will not output these differences, it is up to the user to track expected changes to policies.** NOTE: + - *Currently Kops only supports using existing Security Groups for every instance group and Load Balancer in the Cluster, not a mix of existing and managed Security Groups. This is due to the lifecycle overrides being used to prevent creation of the Security Groups related resources.* - *Kops will add necessary rules to the security group specified in `securityGroupOverride`.*