Support EKS IAM authentication #117
Labels
enhancement
New feature or request
Comments
|
from aws-provider perspective we create a connection-secret with a kubeconfig inside - you can use this connection-secret to interact with provider-helm to said clusters - is this not working for your use-case ? |
|
Hi @haarchri , in our case, remote clusters are created outside of crossplane management (via terraform), we only want provider-helm to connect to the clusters and installed few initial charts (ex, argocd) |
|
Something we need to add |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What problem are you facing?
EKS only supports IAM based authentication, unless you go a roundabout way and use an OIDC provider. This means that the helm provider is not able to interact with Crossplane created EKS clusters, since the kubeconfig that EKS uses depends on the aws cli or
aws-iam-authenticator.Some background on EKS auth: https://docs.aws.amazon.com/eks/latest/userguide/managing-auth.html
How could Crossplane help solve your problem?
Ideally, we would be able to use the helm provider targeting EKS clusters. My org is working on a Crossplane proof of concept and would like to demonstrate that we can use it to completely manage all the resources we create for customers, which includes both creating the clusters (creating an EKS cluster w/ the aws-provider) and then releasing our software to said clusters (with the helm-provider).
The text was updated successfully, but these errors were encountered: