cluster-api-provider-aws icon indicating copy to clipboard operation
cluster-api-provider-aws copied to clipboard

Published 20 hours ago verified publisher icon kubernetes-sigs

Document BYO security groups for EKS-managed clusters

Open adammw opened this issue 1 year ago • 6 comments

/kind documentation /area provider/eks

Describe the solution you'd like The Bring your own infrastructure docs describe how to set up security group overrides for self-managed clusters, but the keys used for EKS-managed clusters are not documented. Add a page under the EKS support page describing how to bring your own security groups, what the keys represent, etc.

adammw avatar Sep 01 '23 04:09 adammw

/triage accepted /priority important-soon

Ankitasw avatar Sep 05 '23 06:09 Ankitasw

For whoever writes the documentation, node-eks-additional was the key we needed to use to attach the custom security group to the EKS control plane under the "Additional security groups" heading instead of one being created by CAPI. Not sure which other keys are supported, I wasn't able to influence "Cluster security group" at all as I believe that one is created by AWS.

adammw avatar Sep 13 '23 06:09 adammw

Thanks @adammw, if you have bandwidth, feel free to contribute on the same.

Ankitasw avatar Sep 15 '23 11:09 Ankitasw

This issue is labeled with priority/important-soon but has not been updated in over 90 days, and should be re-triaged. Important-soon issues must be staffed and worked on either currently, or very soon, ideally in time for the next release.

You can:

  • Confirm that this issue is still relevant with /triage accepted (org members only)
  • Deprioritize it with /priority important-longterm or /priority backlog
  • Close this issue with /close

For more details on the triage process, see https://www.kubernetes.dev/docs/guide/issue-triage/

/remove-triage accepted

k8s-triage-robot avatar Jan 19 '24 03:01 k8s-triage-robot

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Apr 18 '24 03:04 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle rotten
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

k8s-triage-robot avatar May 18 '24 03:05 k8s-triage-robot