Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix credentials links #211

Merged
merged 1 commit into from
Feb 19, 2024
+3 −3
Merged

Fix credentials links #211

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions docs/user-guide/ref-architecture-aws/credentials.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
## Overview
Currently the following two methods are supported:

1. [x] **AWS IAM:** this is essentially using on-disk, permanent programmatic credentials that are tied to a given IAM User. This method can optionally support MFA which is highly recommended since using permanent credentials is discouraged, so at least with MFA you can counter-balance that. [Keep reading...](./features/sso/configuration.md)
2. [x] **AWS IAM Identity Center (formerly known as AWS SSO):** this one is more recent and it's the method recommeded by AWS since it uses roles (managed by AWS) which in turn enforce the usage of temporary credentials. [Keep reading...](./features/identities/identities.md)
1. [x] **AWS IAM:** this is essentially using on-disk, permanent programmatic credentials that are tied to a given IAM User. This method can optionally support MFA which is highly recommended since using permanent credentials is discouraged, so at least with MFA you can counter-balance that. [Keep reading...](./features/identities/identities.md)
2. [x] **AWS IAM Identity Center (formerly known as AWS SSO):** this one is more recent and it's the method recommeded by AWS since it uses roles (managed by AWS) which in turn enforce the usage of temporary credentials. [Keep reading...](./features/sso/configuration.md)

## Next Steps
If you are planning to choose SSO (highly recommended), check out [this section](./features/sso/overview.md).
Expand Down
2 changes: 1 addition & 1 deletion docs/user-guide/ref-architecture-eks/credentials.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Credentials

## Overview
Access to EKS is usually achieved via IAM roles. These could be either custom IAM roles that you define, or SSO roles that AWS takes care of creating and managing.
Access to EKS is usually achieved via IAM roles. These could be either [custom IAM](/user-guide/ref-architecture-aws/features/identities/identities) roles that you define, or [SSO roles](/user-guide/ref-architecture-aws/features/sso/overview) that AWS takes care of creating and managing.

## Configuration
Granting different kinds of access to IAM roles can be done as shown [here](https://github.com/binbashar/le-tf-infra-aws/blob/master/apps-devstg/us-east-1/k8s-eks/cluster/locals.tf#L33-L60) where you can define classic IAM roles or SSO roles. Note however that, since the latter are managed by AWS SSO, they could change if they are recreated or reassigned.
Expand Down
Loading