Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v16] Add ownership tags to AWS OIDC EKS Enrollment #45725

Merged
merged 1 commit into from
Aug 26, 2024
Merged

[v16] Add ownership tags to AWS OIDC EKS Enrollment #45725

merged 1 commit into from
Aug 26, 2024

Conversation

marcoandredinis
Copy link
Contributor

Backport #44736 to v16

changelog: For new EKS Cluster auto-enroll configurations, the temporary Access Entry is tagged with teleport.dev/ namespaced tags. For existing set ups, please add the eks:TagResource action to the Integration IAM Role to get the same behavior.

@marcoandredinis
Add ownership tags to AWS OIDC EKS Enrollment (#44736)
e693fe9 
* Add ownership tags to AWS OIDC EKS Enrollment

This PR adds the ownership tags to the temporary EKS Access Entry
created during the EKS Enrollment.

There might happen that the user already completed the set up once, and
so they won't be asked to run the configuration script (using oneoff +
cloudshell) again. If there's a access denied, the Access Entry is
created without the tags.

With or without the tags, the Access Entry is removed after the
enrollment process.

* log message asking users to add eks:TagResource action

* fix indentation in docs

* fix new tests
@zmb3 zmb3 changed the title [v16] Add ownership tags to AWS OIDC EKS Enrollment (#44736) [v16] Add ownership tags to AWS OIDC EKS Enrollment Aug 24, 2024
@marcoandredinis marcoandredinis added this pull request to the merge queue Aug 26, 2024
Merged via the queue into branch/v16 with commit f4ce209 Aug 26, 2024
41 of 43 checks passed
@marcoandredinis marcoandredinis deleted the marco/v16/backport_44736 branch August 26, 2024 08:30
@BrewTestBot BrewTestBot mentioned this pull request Aug 28, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@greedy52 greedy52 greedy52 approved these changes

@zmb3 zmb3 zmb3 approved these changes

Assignees
No one assigned
Labels
backport discovery documentation rfd Request for Discussion size/sm ui
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@marcoandredinis @zmb3 @greedy52