community
community copied to clipboard
aws-controllers-k8s
Support single command Helm installation with AWS credentials
As of currently, Helm is the recommended way of installing ACK service controller(s). ACK Helm charts support the fields for IRSA in values.yaml , which makes it possible to execute single helm install command and get ACK service controller up and running with IRSA.
This is a very good experience however this does not extend to authorization mechanism other than IRSA.
If ACK customers do not wish to use IRSA to provide AWS credentials, they need to either export helm chart, edit it OR install the chart and patch the controller deployment. (One may argue that IRSA is recommended and state of the art authorization for pods, but setting up IRSA for clusters other than EKS can be complicated at times)
As ACK controllers gain popularity, more people would want to try it out on their local KinD, minikube clusters or even k8s cluster fo their choice from different cloud providers.
This issue proposes to update helm chart artifacts for ACK controller to allow selectively choose more authorization options than IRSA for single command installation. Some famous authorization mechanisms for AWS are a) AWS credentials environment variables b) mounting AWS credentials file (and using AWS profiles)
I believe easier installation on any cluster type will help adoption of ACK service controllers.
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/aws-controllers-k8s/community.
/lifecycle stale
we should investigate this proposal in light of pod identity integration/support.
