This repository has been archived by the owner on Oct 5, 2022. It is now read-only.

Network access restrictions to EKS #1

Open
petrkohut opened this issue Jan 8, 2020 · 1 comment

Comments

@petrkohut
Collaborator

Since the 20th of December 2019, there has been support for network access restrictions on EKS:
https://aws.amazon.com/about-aws/whats-new/2019/12/amazon-eks-enables-network-access-restrictions-to-kubernetes-cluster-public-endpoints/

We would like to add support for it in Taurus, so part of the Terraform configuration would be a map of whitelisted IP addresses for EKS. Everything else would be blocked.

@thecodingrobot

This is blocked by:

  1. The Terraform AWS provider containing the change is not published yet. v2.44.0 should be available within the next few days.
    Ref.: Amazon EKS cluster public endpoint network access restriction via IPv4 address ranges hashicorp/terraform-provider-aws#11397

  2. The external Terraform module used to deploy EKS does not support public IP whitelisting.
    Ref.: Add support for Public IP Access Whitelist terraform-aws-modules/terraform-aws-eks#647
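
An added example, not part of the original thread or of the Taurus code base: one way the requested map of allowed addresses could feed the `public_access_cidrs` argument of `aws_eks_cluster` once the provider release is available. The variable names, the resource label and the CIDR values are hypothetical, and the `validation` block assumes Terraform 0.14 or later.

```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 2.44.0" # release named in the thread as carrying the change
    }
  }
}

# Hypothetical inputs for an existing cluster definition.
variable "cluster_name" { type = string }
variable "cluster_role_arn" { type = string }
variable "subnet_ids" { type = list(string) }

# Hypothetical variable: label => CIDR allowed to reach the public API endpoint.
variable "eks_public_access_cidrs" {
  type = map(string)
  default = {
    office = "203.0.113.0/24"   # constructed (RFC 5737 documentation range)
    vpn    = "198.51.100.17/32" # constructed
  }

  validation {
    # Reject malformed entries and the open range, which would undo the restriction.
    condition = alltrue([
      for cidr in values(var.eks_public_access_cidrs) :
      can(cidrhost(cidr, 0)) && cidr != "0.0.0.0/0"
    ])
    error_message = "Each entry must be a valid CIDR block other than 0.0.0.0/0."
  }
}

resource "aws_eks_cluster" "this" {
  name     = var.cluster_name
  role_arn = var.cluster_role_arn

  vpc_config {
    subnet_ids = var.subnet_ids

    # Keep in-VPC traffic (worker nodes) on the private endpoint so node
    # egress addresses do not have to appear in the public allowlist.
    endpoint_private_access = true
    endpoint_public_access  = true

    # If this argument is omitted, the public endpoint accepts 0.0.0.0/0.
    public_access_cidrs = values(var.eks_public_access_cidrs)
  }
}
```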
