zero-aws-eks-stack
zero-aws-eks-stack copied to clipboard
commitdev
zero module for a basic AWS kubernetes stack on EKS
(re: commitdev/zero#423) Check into the feasibility / effort involved in pulling out any IAM TF into the shared role and auditing the access of the default "operator" role we are...
There are a few discrepancies in the Makefile and the README with respect to tearing down an environment. 1. `teardown-secrets` removes the ci-user secret key which is shared b/t envs....
The cert-manager code uses `local-exec` to run `kubectl apply` to create cluster issuers. Now that the `kubernetes_manifest` resource is generally available, update to using that which should be cleaner and...
Note: On brand new build this doesnt happen, but can be a problem if people deploy one(staging) environment, do some development then go ahead and deploy their 2nd(prod) environment at...
The HTTP solver is handy, and fast in most cases but I think we should move over to using the DNS validator by default. It can take longer sometimes due...
SAM will create much of the required infra using its own internal cloudformation, but we need to create: - create or use an existing cert and pass the ARN in...
We need options added to the zero module config to allow users to pick serverless or EKS, and in the terraform we should have the ability to toggle each of...
Seems like someone was talking about contributing it but it never happened: https://github.com/ory/k8s/issues/208 Should be easy enough to add, as there are many examples out there in popular Helm charts,...
There's a need in some cases to refer to internal resources by user friendly names. For example, kibana and grafana. In this case we should have a private route53 zone...