-
Notifications
You must be signed in to change notification settings - Fork 511
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws-iam-authenticator
for baremetal variant
#2823
Comments
Documentation currently says this concerning authentication:
It does not currently mention if |
The mechanics of adding the package are straightforward, but I need a better understanding of the security implications of this to form an opinion on whether this is a good idea. I'll reach out to some folks internally. |
Hi. Any updates on this? :) |
Still a blocker... 👎 |
Sorry for the delay on updates here. I know there are some possible security concerns with including |
@StefanTheWiz thanks for your patience here. @yeazelm has merged Would you mind giving this a shot and checking that it resolves your issues? |
This was released in the 1.15.0 release |
Thanks! I'll check it out soon and let you know |
Discussed in #2809
Originally posted by StefanTheWiz February 15, 2023
Hi!
I'm trying to use AWS EKS as the control plane with bottlerocket baremetal nodes.
I was wondering if there was a particular reason why
aws-iam-authenticator
is not included in baremetal variant?Based on the README, I was kinda expecting that it would be included (for instance for using IAM Roles Anywhere).
As an experiment, I've built a version of baremetal that has the
aws-iam-authenticator
(diff here).However, the update process might remove the authenticator, which might mean maintaining our own TUF repo and that would be a tough sell.
The text was updated successfully, but these errors were encountered: