Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Externalize logging bucket and KMS key #141

Merged
merged 11 commits into from
Apr 13, 2023
Merged

Externalize logging bucket and KMS key #141

merged 11 commits into from
Apr 13, 2023

Conversation

RothAndrew
Copy link
Member

@RothAndrew RothAndrew commented Apr 5, 2023
edited
Loading

  • Move the logging bucket to the root module, and use the same logging bucket for all access logs.
  • Move the KMS key to the root module, and use the same KMS key for all encryption needs
  • Delete a bunch of unused inputs in the Bastion module
  • Misc formatting fixes

Closes #125
Closes #152

@RothAndrew
wip
f7b8dff
@RothAndrew
wip
f13b48c
@RothAndrew
Merge branch 'main' into feature/logging-bucket
cc75b52 
# Conflicts:
#	examples/complete/README.md
#	modules/s3-irsa/main.tf
@RothAndrew
wip
cc09f4e
@RothAndrew RothAndrew changed the title [WIP] Externalize logging bucket for s3-irsa module [WIP] Externalize logging bucket Apr 7, 2023
@RothAndrew RothAndrew changed the title [WIP] Externalize logging bucket [WIP] Externalize logging bucket and KMS key Apr 13, 2023
@RothAndrew RothAndrew changed the title [WIP] Externalize logging bucket and KMS key Externalize logging bucket and KMS key Apr 13, 2023
@RothAndrew RothAndrew marked this pull request as ready for review April 13, 2023 19:48
@RothAndrew RothAndrew requested a review from a team as a code owner April 13, 2023 19:48
@RothAndrew
Copy link
Member Author

/test all

brianrexrode
brianrexrode reviewed Apr 13, 2023
View reviewed changes
Copy link
Contributor

@brianrexrode brianrexrode left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

recommend renaming access_logging.tf to access-logging.tf for consistency

@RothAndrew
Copy link
Member Author

Sure, no sweat. Anything else?

@brianrexrode
Copy link
Contributor

nope, lgtm. I'll approve

brianrexrode
brianrexrode approved these changes Apr 13, 2023
View reviewed changes
Copy link
Contributor

@brianrexrode brianrexrode left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@RothAndrew RothAndrew enabled auto-merge (squash) April 13, 2023 21:27
@RothAndrew RothAndrew merged commit ecbeadd into main Apr 13, 2023
@RothAndrew RothAndrew deleted the feature/logging-bucket branch April 13, 2023 21:29
ntwkninja pushed a commit that referenced this pull request Apr 15, 2023
@RothAndrew @ntwkninja
Externalize logging bucket and KMS key (#141)
03cd7a9
@runyontr runyontr mentioned this pull request Apr 18, 2023
Closed
ntwkninja added a commit that referenced this pull request Apr 23, 2023
@ntwkninja @RothAndrew
@zack-is-cool @brianrexrode
Operationalize VPC-CNI Config / Upgrade EKS (#173)
03a72d0 
* add secondary vpc cidr

* Externalize logging bucket and KMS key (#141)

* Feature/calico cni (#140)

* wip

* wip

* Delete complete-self-managed-nodegroup example since secure mode covers its intent

* wip

* wip

* Change keycloak_enabled back to true

* undo the managed stuff and change keycloak_enabled back to false

* wip

* Update providers to use eks module output instead of data object

* Change keycloak_enabled back to true

* wip

* merge main

* update provider things and cluster_addons var

* remove unnessary complicated logic

* turn addons on

* weird merge caused dupes

* clean comments

* fix auto_scaling_group_names inputs

* fix config

* adding these back in

* rollback all create_aws_auth_configmap logic

* fix calico things

* tags on tags on tags

* helm things

* bump

* make default to save $$$

* unblock?

* make true

* bug :(

* does this even do anything

* Revert "make default to save $$$"

This reverts commit c25b2d4.

---------

Co-authored-by: Andy Roth <[email protected]>

* add secondary vpc cidr

* subnet tweak

* one block in a blocks field

* add netpols conf to common.tfvars, add supported elements to README, update supported EKS version

* wip - vpc cni custom networking

* working

* thought I did this already but apparently not

* update eni config

* wip - networking fun

* everything looks right but zarf init is unhappy

* everything looks right but zarf init is unhappy

* add wait for nodegroups (needed for vpc cni sutom networking)

* make var descirptions match

* fix pre-commit

---------

Signed-off-by: Gabe <[email protected]>
Co-authored-by: Andy Roth <[email protected]>
Co-authored-by: Zack A <[email protected]>
Co-authored-by: brian.rexrode <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brianrexrode brianrexrode brianrexrode approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Race condition causing flaky E2E testing pipeline Misconfigured bucket logging in s3-irsa module
2 participants
@RothAndrew @brianrexrode