A community opinionated template for deploying Kubernetes clusters on-prem and in AWS using Pulumi, SOPS, Sealed Secrets, GitHub Actions, Renovate, Cilium and more!
License: MIT License
TypeScript 57.81%, Dockerfile 4.39%, Shell 37.79%
aws-argo-cluster-template's Introduction
Hello, I'm Dan
What am I doing?
Designing and building infrastructure and services @ Cisco
Ensuring security on systems in zero-trust environments
Scaling GitHub Actions for the Enterprise
Making K8s easier for everyone deploying or managing it
Need to ensure that credential configuration is as secure as possible. Currently, docs reference static credentials. Instead, utilizing the AWS CLI SSO Login flow should be the approach documented and recommended.
Need to get IRSA working with Talos. IRSA, or IAM Roles for Kubernetes Service Accounts, will allow significantly more granular control over what pods/services have access to which AWS resources and permissions.