terraform-aws-eks-blueprints icon indicating copy to clipboard operation
terraform-aws-eks-blueprints copied to clipboard

Published 20 hours ago verified publisher icon aws-ia

add ec2:DescribeImages to karpenter IAM to support v0.14

Open FernandoMiguel opened this issue 2 years ago • 2 comments

Signed-off-by: Fernando Miguel [email protected]

What does this PR do?

Adds ec2:DescribeImages to karpenter IAM policy

Motivation

Karpenter v0.14 will require a new permission https://github.com/aws/karpenter/pull/2169/files#diff-7c5cd36388230ea106cff266bf0ab314b88b940b523b5acf523746f7baa496b7R117

More

  • [ ] Yes, I have tested the PR using my local account setup (Provide any test evidence report under Additional Notes)
  • [ ] Yes, I have added a new example under examples to support my PR
  • [ ] Yes, I have created another PR for add-ons under add-ons repo (if applicable)
  • [ ] Yes, I have updated the docs for this feature
  • [ ] Yes, I ran pre-commit run -a with this PR

Note: Not all the PRs required examples and docs except a new pattern or add-on added.

For Moderators

  • [ ] E2E Test successfully complete before merge?

Additional Notes

FernandoMiguel avatar Jul 26 '22 13:07 FernandoMiguel

Lets wait for 0.14 to be released and update the karpenter example to demonstrate this new functionality and verify the permissions are correct

it's in the module, not the example. adding the extra policy today won't change it in anyway, but I'm fine with waiting until it is released, and we can bump the version too

FernandoMiguel avatar Jul 26 '22 13:07 FernandoMiguel

A rc is out for testing https://github.com/aws/karpenter/releases/tag/v0.14.0-rc.0

Sadly I'm off on annual leave and unable to test anytime soon, prior to release.

FernandoMiguel avatar Jul 30 '22 09:07 FernandoMiguel

This is now released https://github.com/aws/karpenter/releases/tag/v0.14.0

Would you mind updating the default addon version to point to this latest release, then we can merge this. We can also include https://github.com/aws-ia/terraform-aws-eks-blueprints/pull/836 in this PR as well, thanks!

bryantbiggs avatar Aug 10 '22 18:08 bryantbiggs

@bryantbiggs I'll pick this up tomorrow. Thanks for looking into it.

FernandoMiguel avatar Aug 10 '22 18:08 FernandoMiguel

We can also include https://github.com/aws-ia/terraform-aws-eks-blueprints/pull/836 in this PR as well, thanks! @bryantbiggs i rather keep those things separate for whoever comes later reading the code can make sense of it.

FernandoMiguel avatar Aug 11 '22 18:08 FernandoMiguel

@bryantbiggs ready for review

FernandoMiguel avatar Aug 11 '22 18:08 FernandoMiguel

We can also include #836 in this PR as well, thanks! @bryantbiggs i rather keep those things separate for whoever comes later reading the code can make sense of it.

Its a one line change, I think its ok to add it here

bryantbiggs avatar Aug 11 '22 18:08 bryantbiggs

We can also include #836 in this PR as well, thanks! @bryantbiggs i rather keep those things separate for whoever comes later reading the code can make sense of it.

Its a one line change, I think its ok to add it here

up to you :)

FernandoMiguel avatar Aug 11 '22 18:08 FernandoMiguel