This repository has been archived by the owner on Nov 3, 2023. It is now read-only.

[assets_aws] Find common link between EKS Fargate and K8s assets data #153

Open
girodav opened this issue May 4, 2023 · 0 comments
Labels
aws Related to AWS assets k8s Related to K8s assets question Further information is requested

girodav commented May 4, 2023

Introduction

To provide a cohesive experience for users, AWS assets and K8s assets have to be tied together. If not possible in inputrunner, at least in the UI.

A discussion started at #13 on how to tie AWS and K8s assets. We identified a solution for managed and self-managed EKS. The solution uses instanceIDs as a common link between the two asset types.

What's the issue?

We realized that EKS Fargate does not expose the IDs of the underlying EC2 instances. It works as a fully managed "black box".

AWS Support also confirmed the above in our last conversation with them (case: 12625366331 in the observability-dev account).

==========
Summary:-
==========

As discussed on call, you explained to me your use-case, which states that you have two applications, one is running on aws eks cluster and other one is running on outside eks cluster.

You are able to get instance id of the nodes in which you are using EC2 managed nodegroup but when you are using fargate node, you are not getting unique instance id while describing the node and it is showing provider URL as shown below:-

----------------------------------------------------------------------------------------------------
providerID: aws:///region/<random UUID>/<node_name>
----------------------------------------------------------------------------------------------------

Please allow me to mention you that random UUID in above provider URL/ID is the unique fargate task id created by the aws.

So now there is no instance IDs when working with Fargate so you wanted to know how you can obtain cluster information:-

-> Please allow me to mention you that you can use fargate node name as the unique identifier for Kubernetes cluster.

-> This fargate node name having private IP which is unique within the region for same VPC but it may conflict with the other VPC in the same region.

-> Although if you use different CIDR for all the VPC in the same region then the private IPs will be different for all fargate nodes within the same region which may help you to achieve your use.

-> Also as discussed on call, you may try to use VPC id of eks cluster as the unique identifier along with fargate node name.

What can we do?

I see two main options here:

  1. We explicitly document this use case as "not supported".
  2. Assuming we can find a way to inject the VPC ID in K8s assets, we can use it as a common link. However, there is no guarantee that two different VPCs won't share the same CIDR. We would still end up with a problematic edge case we cannot support.
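
The linking logic discussed in this issue, as an added example that is not part of the original issue or the project's code: it derives a join key from a node's `providerID`, using the instance ID for EC2-backed nodes and the VPC ID plus Fargate node name suggested by AWS Support otherwise. `LinkKey` and `ParseProviderID` are hypothetical names, the EC2 layout `aws:///<zone>/<instance-id>` is assumed, and the VPC ID is assumed to be supplied by the caller.

```go
package main

import (
	"fmt"
	"strings"
)

// LinkKey is a hypothetical join key between a K8s node and AWS asset data.
type LinkKey struct {
	Kind  string // "ec2" or "fargate"
	Value string // instance ID, or "<vpcID>/<nodeName>" for Fargate
}

// ParseProviderID derives a LinkKey from a node's spec.providerID.
// vpcID must be supplied by the caller (assumption: the issue notes that
// K8s assets do not carry it yet); it is only needed for Fargate nodes.
func ParseProviderID(providerID, vpcID string) (LinkKey, error) {
	const prefix = "aws:///"
	if !strings.HasPrefix(providerID, prefix) {
		return LinkKey{}, fmt.Errorf("not an AWS providerID: %q", providerID)
	}
	parts := strings.Split(strings.TrimPrefix(providerID, prefix), "/")
	switch {
	case len(parts) == 2 && strings.HasPrefix(parts[1], "i-"):
		// EC2-backed node: <zone>/<instanceID>
		return LinkKey{Kind: "ec2", Value: parts[1]}, nil
	case len(parts) == 3 && parts[1] != "" && parts[2] != "":
		// Fargate node: <zone>/<UUID>/<nodeName>, no instance ID available.
		if vpcID == "" {
			return LinkKey{}, fmt.Errorf("fargate node %q: VPC ID required", parts[2])
		}
		return LinkKey{Kind: "fargate", Value: vpcID + "/" + parts[2]}, nil
	}
	return LinkKey{}, fmt.Errorf("unrecognized providerID layout: %q", providerID)
}

func main() {
	// Constructed sample values, not taken from a real cluster.
	node := "fargate-ip-10-0-1-23.eu-west-1.compute.internal"
	pid := "aws:///eu-west-1a/0f3c9d2e-1111-2222-3333-444455556666/" + node
	for _, vpc := range []string{"vpc-0aaa", "vpc-0bbb", ""} {
		k, err := ParseProviderID(pid, vpc)
		fmt.Println(k, err)
	}
	fmt.Println(ParseProviderID("aws:///eu-west-1a/i-0123456789abcdef0", ""))
}
```
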