provider-helm icon indicating copy to clipboard operation
provider-helm copied to clipboard

Published 20 hours ago verified publisher icon crossplane-contrib

Support EKS IAM authentication

Open noyoshi opened this issue 3 years ago • 3 comments

What problem are you facing?

EKS only supports IAM based authentication, unless you go a roundabout way and use an OIDC provider. This means that the helm provider is not able to interact with Crossplane created EKS clusters, since the kubeconfig that EKS uses depends on the aws cli or aws-iam-authenticator.

Some background on EKS auth: https://docs.aws.amazon.com/eks/latest/userguide/managing-auth.html

How could Crossplane help solve your problem?

Ideally, we would be able to use the helm provider targeting EKS clusters. My org is working on a Crossplane proof of concept and would like to demonstrate that we can use it to completely manage all the resources we create for customers, which includes both creating the clusters (creating an EKS cluster w/ the aws-provider) and then releasing our software to said clusters (with the helm-provider).

noyoshi avatar Dec 20 '21 20:12 noyoshi

from aws-provider perspective we create a connection-secret with a kubeconfig inside - you can use this connection-secret to interact with provider-helm to said clusters - is this not working for your use-case ?

haarchri avatar Jan 18 '22 11:01 haarchri