Comments (5)
@lukeweber we renew the secret in every reconcile loop - close the issue - feel free to reopen if we have problems with this implementation
from provider-aws.
Hi, we're working on programmatically creating and interacting with EKS clusters as well but using Python. Have you run into any 403 forbidden errors using the tokens? How are you handling the 15 minutes max life right now?
from provider-aws.
We aren't handling it right now explicitly. Certainly you can regenerate a token in the same way we generate tokens, and just make sure to get a new one before the old one expires.
This is what's done internally when you use the iam authenticator binary
https://github.com/kubernetes-sigs/aws-iam-authenticator/
from provider-aws.
I think we are relying on Sync interval to "re-generate" EKS credentials, which should "renew" the auth token.
from provider-aws.
@negz can we close this with continuous secret propagation?
from provider-aws.
Related Issues (20)
- Allow use of EKS pod identities as an authentication method HOT 2
- Tags are not updated for rdsinstance resource on update operation HOT 2
- [ec2/vpcpeeringconnection] Invalid memory address Provider AWS crashes with CrashLoopBackOff HOT 1
- Update-Loop when setting `awsAccountId` to just account ID HOT 1
- Issue "failed to satisfy constraint: Member must have length greater than or equal to 20" while creating Policy HOT 1
- diskSize of an EKS managed Node Group is not being updated HOT 1
- RolePolicy required field no data type, breaks things HOT 1
- LogGroup - allow updating kmsKeyID parameter
- domain.opensearchservice: vpc endpoint URI does not appear in status.atProvider
- server.transfer: Add vpc endpoint URI to status.atProvider
- Updating RolePolicyAttachment policyArn does not detach policy HOT 2
- Cannot create RDS DBInstance when autogeneratePassword - clean instance HOT 1
- s3 bucket settings not defined in the MR are removed after upgrade to v0.46.0 HOT 4
- RDSInstance doesn't set username in `writeConnectionSecretToRef` if you are importing an existing resource
- [documentation] Missing `required` tag in SecurityGrou `region` parameter
- CannotConnectToProvider
- CannotConnectToProvider while trying to create BucketVersioning using Composition HOT 1
- Validation error updating Cloudfront distribution HOT 3
- Release v0.48.0 May 2, 2024
- Time parse issue in compareTimeRanges (maintenanceWindow) HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from provider-aws.