From fc1bb40cc8bb84789ece8831eecd6a733effcd84 Mon Sep 17 00:00:00 2001 From: Jina Jain Date: Fri, 30 Jun 2023 13:39:40 -0700 Subject: [PATCH 1/2] Add rbac for eks aws-auth configmap --- .../rendered_manifests/clusterRole.yaml | 8 ++++++++ .../rendered_manifests/clusterRole.yaml | 8 ++++++++ .../splunk-otel-collector/templates/clusterRole.yaml | 10 ++++++++++ 3 files changed, 26 insertions(+) diff --git a/examples/distribution-eks-fargate/rendered_manifests/clusterRole.yaml b/examples/distribution-eks-fargate/rendered_manifests/clusterRole.yaml index 15813cfb3b..4927954a1b 100644 --- a/examples/distribution-eks-fargate/rendered_manifests/clusterRole.yaml +++ b/examples/distribution-eks-fargate/rendered_manifests/clusterRole.yaml @@ -87,3 +87,11 @@ rules: - nodes verbs: - patch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + resourceNames: + - aws-auth diff --git a/examples/distribution-eks/rendered_manifests/clusterRole.yaml b/examples/distribution-eks/rendered_manifests/clusterRole.yaml index 6eedde2d69..26942695f4 100644 --- a/examples/distribution-eks/rendered_manifests/clusterRole.yaml +++ b/examples/distribution-eks/rendered_manifests/clusterRole.yaml @@ -81,3 +81,11 @@ rules: - get - list - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + resourceNames: + - aws-auth diff --git a/helm-charts/splunk-otel-collector/templates/clusterRole.yaml b/helm-charts/splunk-otel-collector/templates/clusterRole.yaml index d43de509c2..e9f7160115 100644 --- a/helm-charts/splunk-otel-collector/templates/clusterRole.yaml +++ b/helm-charts/splunk-otel-collector/templates/clusterRole.yaml @@ -94,6 +94,16 @@ rules: verbs: - patch {{- end }} +{{- if hasPrefix "eks" (include "splunk-otel-collector.distribution" .) }} +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + resourceNames: + - aws-auth +{{- end }} {{- with .Values.rbac.customRules }} {{ toYaml . }} {{- end }} From 16031da56bc24fb9dfc887ce197dc72c776ddbfd Mon Sep 17 00:00:00 2001 From: Jina Jain Date: Fri, 30 Jun 2023 13:46:54 -0700 Subject: [PATCH 2/2] update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 18ffc9109d..c687ac74f4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ### Added - Update PodDisruptionBudgets API version to allow both `policy/v1beta1` and `policy/v1` [#835](https://github.com/signalfx/splunk-otel-collector-chart/pull/835) +- Update clusterrole to allow collector to check for the `aws-auth` configmap in EKS clusters [#840](https://github.com/signalfx/splunk-otel-collector-chart/pull/840) ## [0.80.0] - 2023-06-27