Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

create EKS cluster & resources with IAM Role Provider #205

Merged
merged 1 commit into from
Aug 20, 2019
Merged

create EKS cluster & resources with IAM Role Provider #205

merged 1 commit into from
Aug 20, 2019

Conversation

beetahnator
Copy link
Contributor

Addresses issue: #140

@beetahnator beetahnator mentioned this pull request Jul 26, 2019
Closed
@lukehoban lukehoban requested a review from metral July 26, 2019 01:24
metral
metral suggested changes Jul 26, 2019
View reviewed changes
Copy link
Contributor

@metral metral left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A couple of nitpicks, but overall LGTM.

This is a great PR, thank you!

I'll test this across the full test suite.

nodejs/eks/cluster.ts Outdated Show resolved Hide resolved
nodejs/eks/cluster.ts Outdated Show resolved Hide resolved
nodejs/eks/cluster.ts Outdated Show resolved Hide resolved
nodejs/eks/cluster.ts Outdated Show resolved Hide resolved
metral
metral reviewed Jul 26, 2019
View reviewed changes
nodejs/eks/cluster.ts Outdated Show resolved Hide resolved
@metral
Copy link
Contributor

metral commented Jul 26, 2019
edited
Loading

Given that this PR is introducing a aws.Provider for the cluster, and it waits to assume the role, I wonder if this will temper down the IAM related issues we're seeing around role creation & assuming roles in CI: #203 & #204.

Thoughts @lukehoban ?

lukehoban
lukehoban reviewed Jul 26, 2019
View reviewed changes
nodejs/eks/cluster.ts Outdated Show resolved Hide resolved
nodejs/eks/cluster.ts Show resolved Hide resolved
nodejs/eks/cluster.ts Outdated Show resolved Hide resolved
@beetahnator
Copy link
Contributor Author

Thanks for the feedback @metral and @lukehoban

If nothing else comes up, I'll push an update this week to address the remaining concerns.

  • Make the Role & Provider optional
  • Add documentation for the Role Policy permissions

@beetahnator
Copy link
Contributor Author

beetahnator commented Aug 2, 2019
edited
Loading

I found this issue on one of AWS's repos: aws/containers-roadmap#378

If anyone with more sway could chime in to get the [system:masters] role defined explicitly that would awesome.

For the time being I refactored the PR to be backwards compatible and added a getRoleProvider and CreationRoleProvider in case someone wanted to manually generate it.

Example usage:

  const creationRoleProvider = eks.getRoleProvider("test");

  const cluster = new eks.Cluster("test", {
    creationRoleProvider: creationRoleProvider,
    subnetIds: [...privateSubnets.ids, ...publicSubnets.ids],
    nodeSubnetIds: privateSubnets.ids,
    vpcId: vpc.id
  });

metral
metral suggested changes Aug 7, 2019
View reviewed changes
Copy link
Contributor

@metral metral left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Couple of nitpicks - @lukehoban thoughts?

nodejs/eks/cluster.ts Show resolved Hide resolved
nodejs/eks/cluster.ts Outdated Show resolved Hide resolved
nodejs/eks/cluster.ts Outdated Show resolved Hide resolved
@metral
Copy link
Contributor

metral commented Aug 14, 2019

Recent changes LGTM. @lukehoban PTAL

Could we also squash down to a single commit?

@metral metral merged commit d615fbc into pulumi:master Aug 20, 2019
@metral metral mentioned this pull request Aug 20, 2019
Closed
@svrana svrana mentioned this pull request Jun 27, 2020
Closed
@automagic automagic mentioned this pull request Apr 1, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lukehoban lukehoban lukehoban left review comments

@metral metral metral requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@beetahnator @metral @lukehoban