Casey Robertson
Casey Robertson
Ahh....this explains our issue when testing with AWS SSO-created roles too. See the issue referenced in this document. This has been a problem for a quite a while (at least...
> Is there any progress on this one? This is significant functionality for managing access to EKS for larger Engineering groups, right now this is requiring me to list out...
Would really like this too. I want to build GCP custom roles by calling the gcloud CLI to grab permissions from built-in roles.... but for the life of me cannot...
I think I'm running into this now when attempting to upgrade helm charts from versions that support < k8s 1.15 to >= to 1.16. For example, this chart made changes...
I gave an incomplete example and made a bad reference. Here's the relevant code in the chart and the history: https://github.com/helm/charts/commits/master/stable/metrics-server/templates/auth-delegator-crb.yaml Is it likely this change? https://github.com/helm/charts/commit/106969f251ae2e4d2315f660cf8600b66cbadf57#diff-f1ac9d24aa4c3553a0bd62085662bc53
Also for those of us running the prometheus operator, it would be nice to have this integrated.
One vote to deprecate - it's standard practice in our pipelines and locally to set up the AWS env for each CI/CD step. We've used SOPS for a while now...
@richstokes seem to be running into this too. I don't know what changed. I was working with a developer the other day and nothing would work until added a role...
Just started investigating secretsmanager to move away from a sops-based workflow. Agree with @osterman that the above should just work. I am building secrets with Pulumi but I add this...
Raising awareness. We had a sysdig outage that could have been mitigated sooner if this was in place.