kube-aws-iam-controller
kube-aws-iam-controller copied to clipboard
zalando-incubator
Distribute different AWS IAM credentials to different pods in Kubernetes via secrets.
Deprecate and later remove the feature of automatically discovering IAM roles by looking at pod with a secret mount named `aws-iam-*` The feature is very limited and has been replaced...
I have tried to seutp kube-aws-iam-controller as documented but have not been able to do so even after several attempts. At first instance I got error when applying the deployment...
* Supports STS endpoints in GovCloud, China and Regional partitions for AWS.
The merge of https://github.com/aws/aws-sdk-js/pull/2559 adds support to the JS AWS SDK. Haven't tried it out yet, but will be doing so shortly. But, theoretically, it should work based on the...
I need a mechanism where credentials obtained by Pod are persistent. Are they persistent based on IAM role or they are valid for certain amount of time and must be...
Any plans of adding monitoring and metrics related to functioning of iam controller? Any ideas around how it can be implemented?
See https://aws.amazon.com/blogs/opensource/introducing-fine-grained-iam-roles-service-accounts/ Twitter thread: https://twitter.com/mhausenblas/status/1169292857108324353 OSS repo: https://github.com/aws/amazon-eks-pod-identity-webhook
We are a .NET Core shop and looking at migrating workloads from static json creds files on GCP? GKE to AWS/EKS. Working on possible solutions for credential handling for EKS....
The Kubernetes _Secrets_ created by the controller include two files: _credentials.json_, which is refreshed regularly, and _credentials.process_, which remains fixed over time. [The content of the latter file](https://github.com/mikkeloscar/kube-aws-iam-controller/blob/master/secrets_controller.go#L31-L33) is as...
In the current design, the controller creates a Kubernetes _Secret_ object when it notices one or more pods that wish to mount a _Secret_ with the right name. Any pods...
Metadata
Owner
Metadata
Distribute different AWS IAM credentials to different pods in Kubernetes via secrets.