Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Security Groups for Pods and Network Policies #1256

Open
flostadler opened this issue Jul 16, 2024 · 0 comments
Open

Add support for Security Groups for Pods and Network Policies #1256

flostadler opened this issue Jul 16, 2024 · 0 comments
Labels
kind/enhancement Improvements or new features size/S Estimated effort to complete (1-2 days).

Comments

@flostadler
Copy link
Contributor

Hello!

  • Vote on this issue by adding a 👍 reaction
  • If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Issue details

Currently, the EKS provider maintains a fork of the VPC CNI manifest (v1.16.0). Internally we're shelling out to kubectl in order to configure vpc-cni on clusters. This is necessary because those resources are already existent on the clusters but need modifications to their config to achieve things like:

  • Running a fully serverless cluster
  • Configuring parameters of the VPC CNI

The VPC CNI component does not support configuring Security Groups for Pods and Network Policies. It's missing configuration parameters like:

  • POD_SECURITY_GROUP_ENFORCING_MODE
  • NETWORK_POLICY_ENFORCING_MODE

Affected area/feature

  • EKS networking
@flostadler flostadler added the kind/enhancement Improvements or new features label Jul 16, 2024
@pulumi-bot pulumi-bot added the needs-triage Needs attention from the triage team label Jul 16, 2024
@flostadler flostadler added size/S Estimated effort to complete (1-2 days). and removed needs-triage Needs attention from the triage team labels Jul 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement Improvements or new features size/S Estimated effort to complete (1-2 days).
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@flostadler @pulumi-bot