Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

feat: Eliminated the use of temporary keys for tests with kubectl in privatelink-access pattern #1806

Merged
merged 3 commits into from
Oct 25, 2023

Conversation

vchintal
Copy link
Contributor

@vchintal vchintal commented Oct 24, 2023

Description

The privatelink-access pattern documentation had steps which involved creating temporary set of AWS credentials for the use of testing PrivateLink connectivity. This approach is manual and copy pasting credentials, however short-lived isn't ideal.

With the new set of changes introduced in this PR:

  1. The EKS cluster would initially come up with its API endpoint as public
  2. This would ensure that the Client EC2 instance's attached role is added as system:masters in aws-auth configmap
  3. Which would allow the Client EC2 to run kubectl commands as an Admin against the EKS cluster in the Client VPC without the need for any credentials
  4. The documentation is also corrected to:
    • Include the right steps to deploy the pattern
    • Include steps to take the cluster API endpoint private after Terraform finishes
    • Include cleaner steps to test the pattern
    • Add additional step of take the cluster API endpoint public before tearing down the resources

How was this change tested?

  • Yes, I have tested the PR using my local account setup (Provide any test evidence report under Additional Notes)
  • Yes, I ran pre-commit run -a with this PR

@vchintal vchintal requested a review from a team as a code owner October 24, 2023 15:47
@bryantbiggs bryantbiggs deployed to EKS Blueprints Test October 25, 2023 11:58 — with GitHub Actions Active
@bryantbiggs bryantbiggs merged commit 4856ec8 into aws-ia:main Oct 25, 2023
54 checks passed
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants