instance-manager
instance-manager copied to clipboard
keikoproj
WIP: Initial support for custom SSM paths and IAM Roles
Wanted to share some initial development and background. This adds support for two annotations to control the custom SSM endpoint, and IAM Role assumption.
apiVersion: instancemgr.keikoproj.io/v1alpha1
kind: InstanceGroup
metadata:
annotations:
instancemgr.keikoproj.io/ssm-iam-role: "arn:aws:iam::123456789:role/my-custom-role"
instancemgr.keikoproj.io/ssm-ami-path: "/my/custom/ami/param"
This uses the aws helper stscreds to get new credentials. Need to test the credential refresh.
It's quite ugly using a global shared session - open to suggestions how this might work better.
Codecov Report
Merging #336 (4dffa60) into master (5215605) will decrease coverage by
0.23%. The diff coverage is11.11%.
@@ Coverage Diff @@
## master #336 +/- ##
==========================================
- Coverage 51.08% 50.84% -0.24%
==========================================
Files 33 33
Lines 4504 4531 +27
==========================================
+ Hits 2301 2304 +3
- Misses 2062 2084 +22
- Partials 141 143 +2
| Impacted Files | Coverage Δ | |
|---|---|---|
| controllers/providers/aws/ssm.go | 0.00% <0.00%> (ø) |
|
| controllers/provisioners/eks/eks.go | 87.23% <ø> (ø) |
|
| controllers/provisioners/eks/helpers.go | 90.82% <44.44%> (-0.58%) |
:arrow_down: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact),ø = not affected,? = missing dataPowered by Codecov. Last update 5215605...4dffa60. Read the comment docs.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}