Skip to content

Commit

Permalink
Fix credentials links (#211)
Browse files Browse the repository at this point in the history
  • Loading branch information
@diego-ojeda-binbash
diego-ojeda-binbash authored Feb 19, 2024
1 parent b9399c3 commit 505d885
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
4 changes: 2 additions & 2 deletions docs/user-guide/ref-architecture-aws/credentials.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
## Overview
Currently the following two methods are supported:

1. [x] **AWS IAM:** this is essentially using on-disk, permanent programmatic credentials that are tied to a given IAM User. This method can optionally support MFA which is highly recommended since using permanent credentials is discouraged, so at least with MFA you can counter-balance that. [Keep reading...](./features/sso/configuration.md)
2. [x] **AWS IAM Identity Center (formerly known as AWS SSO):** this one is more recent and it's the method recommeded by AWS since it uses roles (managed by AWS) which in turn enforce the usage of temporary credentials. [Keep reading...](./features/identities/identities.md)
1. [x] **AWS IAM:** this is essentially using on-disk, permanent programmatic credentials that are tied to a given IAM User. This method can optionally support MFA which is highly recommended since using permanent credentials is discouraged, so at least with MFA you can counter-balance that. [Keep reading...](./features/identities/identities.md)
2. [x] **AWS IAM Identity Center (formerly known as AWS SSO):** this one is more recent and it's the method recommeded by AWS since it uses roles (managed by AWS) which in turn enforce the usage of temporary credentials. [Keep reading...](./features/sso/configuration.md)

## Next Steps
If you are planning to choose SSO (highly recommended), check out [this section](./features/sso/overview.md).
Expand Down
2 changes: 1 addition & 1 deletion docs/user-guide/ref-architecture-eks/credentials.md
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Credentials

## Overview
Access to EKS is usually achieved via IAM roles. These could be either custom IAM roles that you define, or SSO roles that AWS takes care of creating and managing.
Access to EKS is usually achieved via IAM roles. These could be either [custom IAM](/user-guide/ref-architecture-aws/features/identities/identities) roles that you define, or [SSO roles](/user-guide/ref-architecture-aws/features/sso/overview) that AWS takes care of creating and managing.

## Configuration
Granting different kinds of access to IAM roles can be done as shown [here](https://github.com/binbashar/le-tf-infra-aws/blob/master/apps-devstg/us-east-1/k8s-eks/cluster/locals.tf#L33-L60) where you can define classic IAM roles or SSO roles. Note however that, since the latter are managed by AWS SSO, they could change if they are recreated or reassigned.
Expand Down

0 comments on commit 505d885

Please sign in to comment.