amazon-eks-pod-identity-webhook
amazon-eks-pod-identity-webhook copied to clipboard
aws
Amazon EKS Pod Identity Webhook
Adds a condition to the mutating webhook, preventing pods from being processed with a particular label. See: https://github.com/aws/amazon-eks-pod-identity-webhook/issues/215
### What would you like to be added? It would be useful to have a standard label that excludes pods from being processed by the identity webhook. **Proposed Change:** https://github.com/aws/amazon-eks-pod-identity-webhook/pull/216...
**What happened**: We are using EKS pod identity agent to grant RDS access for a pod. For testing purpose, we have attached S3 full access to the IAM role and...
*Issue #, if available:* *Description of changes:* By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Get error during creation of pod with service-account that has eks.amazonaws.com/role-arn annotation
**What happened**: One of our pods should assume a specific AWS role and we are configuring it via service account annotation. After eks cluster upgrade the mutation of the pod...
**What would you like to be added**: Reference to this issue: https://github.com/aws/amazon-eks-pod-identity-webhook/issues/58 We'd like to have wildcard implemented for incomplete namespaces, for example: ```json { "Version": "2012-10-17", "Statement": [ {...
**What would you like to be added**: I would like the webhook to also attach a `AWS_ROLE_SESSION_NAME` envvar to the mutated pods. The downward API can be used to inject...
**What would you like to be added**: Capability to set sourceIdentity annotation. **Why is this needed**: From: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html _After a source identity is set, it is present in requests for...
k8s version : v1.26.5 I am trying to run this pod-identitywebhook on an onprem cluster. The mutatingwebhook is created fine and the deployment create pods without any issues. The webhook...
**What happened**: Deploying multiple services on my cluster such as cluster-autoscaler, external-dns, ebs-csi-drivers. On initial deployment the pods do not receive the environment vars, volumes, and volumeMounts. When I manually...
