chore(*): add more explanation when using EKS IRSA to access RDS database #5831
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
windmgc
added
the
review:general
✅ Deploy Preview for kongdocs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
app/_src/gateway/kong-enterprise/aws-iam-auth-to-rds-database.md
Outdated
Show resolved
Hide resolved
Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com>
lena-larionova
added a commit
that referenced
this pull request
Aug 9, 2023
* version bump for gateway 3.4 * Bump kong-plugins submodule (#5682) * feat(logging): add workspace name in the logging payload (#5251) (#5585) * feat(logging): add workspace name in the logging payload (#5251) Co-authored-by: lena.larionova <yelena.larionova@gmail.com> * update the ee-version --------- Co-authored-by: lena.larionova <yelena.larionova@gmail.com> * feat(opentelemetry): add AWS header propagation (#5732) * feat(opentelemetry): add AWS header propagation * Add a changelog entry for AWS header propagation --------- Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * docs(secrets-management): update docs with vault rotation and some small adjustments ### Summary In Kong 3.4 we added support for secrets rotation using TTLs. This commit adds a section to Kong docs about it. There are some small adjustments to secrets management docs as well. Signed-off-by: Aapo Talvensaari <aapo.talvensaari@gmail.com> * bump version for support tables to 3.4 * feat(admin-api): add `cascade` querystring parameter to support force delete workspace (#5506) * add recursive querystring parameter * rename to cascade * Update app/_src/gateway/admin-api/workspaces/reference.md Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> --------- Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * fix: remove unnecessary tab tags in secrets rotation * fix version number typo * Add changelog entry for 3.4.x changes in the ip-restriction plugin (#5736) * Add changelog entry for 3.4.x changes in the ip-restriction plugin * minor formatting edit --------- Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * feat(opentelemetry): support the parameter as referenceable (#5809) * [DOCU-3224] Remove cassandra from 3.4 (#5803) * remove cassandra * Update app/_src/gateway/kong-enterprise/analytics/reports.md Co-authored-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> --------- Co-authored-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * chore(*): add more explanation when using EKS IRSA to access RDS database (#5831) * chore(*): add more explanation when using EKS IRSA to access RDS database * Update app/_src/gateway/kong-enterprise/aws-iam-auth-to-rds-database.md Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> --------- Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * Add new distros, drop End-Of-Life distributions, and rename amazonlinux-2022 to 2023 (#5770) * Drop End-Of-Life distributions, and rename amazonlinux-2022 to 2023 * Update distro support for 3.4 * Add rhel9 fips support in 3.4 * Add rhel9 arm64 support * fix issue of 3.2, 3.3, and 3.4 not displaying * re-add ubuntu 18.04 to versions prior to 3.4 with EOL date --------- Co-authored-by: Andy Zhang <AndyZhang0707@users.noreply.github.com> Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> Co-authored-by: lena.larionova <yelena.larionova@gmail.com> * chore: 3.3 > 3.4 nav changes (#5863) update 3.4 nav to match 3.3 * docs(consumer-groups): add api-specs for first-class consumer-group changes (#5873) * rename, repoint to 3.4 * fix issue with parameters --------- Co-authored-by: Angel <angel.guarisma@konghq.com> * chore: Update configuration reference for gateway 3.4 (#5881) * update autodoc-conf-ee script with latest badges * generate config ref for 3.4; update autogen script for config ref * [Autodocs] PDK and API documentation (#5882) * PDK docs * vale * fix if_version * API specs * kong.vault fix * Migrate from Cassandra to PostgreSQL (#5885) * first commit * add more info * Apply suggestions from code review Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * more feedback * navbar changes, rename * image move * Update app/_src/gateway/migrate-cassandra-to-postgres.md Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> --------- Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * AdminAPI - Add cascade query param to workspace endpoints, fix issue with validate plugin endpoint. (#5894) * add few missing things to the AdminAPIs * change contact info * fix boolean in quotes * remove quotes * add link to docs * feat: Remove Alpine instructions from Docker install instructions for 3.4 (#5886) * Remove Alpine instructions from Docker install doc Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Conditionally render Alpine tiles on install page Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Fix Vale warning Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> --------- Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * docs(secrets-management): update docs with vault rotation and some small adjustments (#5779) * docs(secrets-management): update docs with vault rotation and some small adjustments In Kong 3.4 we added support for secrets rotation using TTLs. This commit adds a section to Kong docs about it. There are some small adjustments to secrets management docs as well. Signed-off-by: Aapo Talvensaari <aapo.talvensaari@gmail.com> * Apply suggestions from code review Co-authored-by: Hans Hübner <hans.huebner@gmail.com> * Update app/_src/gateway/kong-enterprise/secrets-management/secrets-rotation.md Co-authored-by: Joshua Schmid <joshua.schmid@konghq.com> * Update app/_src/gateway/kong-enterprise/secrets-management/backends/aws-sm.md * Update app/_src/gateway/kong-enterprise/secrets-management/advanced-usage.md * Update app/_src/gateway/kong-enterprise/secrets-management/backends/gcp-sm.md * Update app/_src/gateway/kong-enterprise/secrets-management/backends/hashicorp-vault.md * docs(secrets-mgmt): act on feedback * docs(secrets): add defaults * Fix accidental submodule update Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Apply suggestions from code review * Fix Vale errors Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Fix last few Vale errors and fix table formatting Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> --------- Signed-off-by: Aapo Talvensaari <aapo.talvensaari@gmail.com> Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> Co-authored-by: Hans Hübner <hans.huebner@gmail.com> Co-authored-by: Enrique García Cota <kikito@gmail.com> Co-authored-by: Joshua Schmid <joshua.schmid@konghq.com> Co-authored-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Feat: Kong Manager OSS documentation (#5864) * Add placeholder page Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Add KM OSS screenshot, fill out KM OSS overview page, edit ports page Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Add note about KM OSS to get started, add KM OSS to list of things OSS users can use on the main page Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Fix broken KM link * Fix broken links in old versions, appease Vale Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Add conditional rendering to KM ports Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Make small fixes, apply code review feedback Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Manually conditionally render badges for KM OSS params Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Change Kong Manager Free to Kong Manager Enterprise Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Add KM OSS icon, fix if_version in config file Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Fix path to image, add links to concept pages Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Fix icon color Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * Fix sidebar test Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> --------- Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * [DOCU-3167] Update references to Amazon Linux 2023 (#5841) * Change AWS 2022 to AWS 2023 Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Fix cloudsmith links, change our Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Isa Farnik <isa@konghq.com> * Fix AWS 2023 yum install steps, edit the Amazon install options Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> --------- Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> Co-authored-by: Isa Farnik <isa@konghq.com> * Update expression router documentation for kong 3.4 (#5889) docs(expression): update expression for kong 3.4 * deprecated `overrides` endpoint note, cascade endpoint added to workspace delete. (#5907) * deprecated endpoint note, cascade endpoint added to markdown. * Add feedback from Lena * [Docu-3170] Support for scoping plugins by consumer group. (#5874) * Consumer groups main adds * fix: add missing "to" to KongPlugin guide * Add `no_consumer_group` to third-party plugins schemas * bump plugins submodule * Add support for `Enable on consumer group` tab * More plugins * vale * broken link * vale * fix broken link * Feedback * update plugins submodule to update config * redirects for consumer groups API documentation * add deprecation * last bit of feedback * add details about mixed version kGW setups * Apply suggestions from code review Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * vale * Apply suggestions from code review Co-authored-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> * feedback * fix last precedence thing --------- Co-authored-by: Travis Raines <571832+rainest@users.noreply.github.com> Co-authored-by: Fabian Rodriguez <fabian.rodriguez@konghq.com> Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com> Co-authored-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * chore: Copy over nav changes from 3.3 to 3.4 (#5908) copy over nav changes from 3.3 to 3.4 * Chore: Fix vale, Update Github action (#5895) * test vale * fix it I think * edit .vale.ini * try again * test new action * test * test again * test * test * test * remove vale test items * chore: Add 3.4 version to Gateway upgrade doc (#5911) Add 3.4 version to upgrade doc Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> * Add documentation for Gateway 3.4 Wasm support (#5840) * wasm docs WIP * wasm docs review changes * addressing reviewdog comments * cursed typo * review comments addressed and some config changes * refine configuration instructions * quotes around config * use `export` instead of changing user's conf * copy edit * Update app/_src/gateway/plugin-development/wasm.md Co-authored-by: Vinicius Mignot <vinicius.mignot@gmail.com> * Update app/_src/gateway/plugin-development/wasm.md Co-authored-by: Hisham Muhammad <hisham@gobolinux.org> * Change "WasmX" to "Kong using WebAssembly" Co-authored-by: Hisham Muhammad <hisham@gobolinux.org> * Update app/_src/gateway/plugin-development/wasm.md Co-authored-by: Hisham Muhammad <hisham@gobolinux.org> * Avoid first-person plural * typo * fix vale to not flag Wasm * more vale fixes * Update app/_src/gateway/reference/wasm.md Co-authored-by: Hisham Muhammad <hisham@gobolinux.org> * Update app/_src/gateway/reference/wasm.md Co-authored-by: Hisham Muhammad <hisham@gobolinux.org> * Update app/_src/gateway/reference/wasm.md Co-authored-by: Hisham Muhammad <hisham@gobolinux.org> * keep list ordered * review suggestion * Update app/_src/gateway/plugin-development/wasm.md * title-case Kong DB entities * reword [proxy-]wasm language support explanation * typo: increase => increased * add note about lack of testing for other SDKs * reword proxy-wasm limitations and link to ngx_wasm_module * explain: route filters are executed after service filters * reword declarative/kong.yml instruction * dictionary: add new terms * make proxy-wasm link consistent between pages * explain: lua plugin interaction * fix typos * Update app/_src/gateway/reference/wasm.md Co-authored-by: Thibault Charbonnier <thibaultcha@users.noreply.github.com> * wrapping * reword Lua plugin vs wasm filter ordering warning * copy edit --------- Co-authored-by: Vinicius Mignot <vinicius.mignot@gmail.com> Co-authored-by: Angel <Guaris@users.noreply.github.com> Co-authored-by: Angel <angel.guarisma@konghq.com> Co-authored-by: Hisham Muhammad <hisham@gobolinux.org> Co-authored-by: Thibault Charbonnier <thibaultcha@users.noreply.github.com> * chore: Update plugins submodule for 3.4 (#5912) update plugins submodule for 3.4 * chore: Changelog for Kong Gateway 3.4.0.0 (#5905) * 3.4 changelog draft * all the formatting and clean up and links * descriptions and links for a bunch of new features * fix typos and disable vale * Apply suggestions from code review Co-authored-by: Angel <Guaris@users.noreply.github.com> * fix a typo --------- Co-authored-by: Angel <Guaris@users.noreply.github.com> * chore: Breaking changes in Kong Gateway 3.4 (#5914) * remove vitals changelog entry, change was reverted * breaking changes for 3.4 * appease vale * add zipkin to queue param affected plugins list * fix typo * chore: Add gpg/rsa gateway-34 repo keys (#5919) * chore: add compatibility issues for v3.4 (#5918) * chore: add compatibility issues for v3.4 Adds version compatibility issues for gateway v3.4. Removes D155 due to a reversal of support for datadog-tracing between v3.2 and v3.2.2. Adds a few other non v3.4 changeIDs. * typos and docs link --------- Signed-off-by: Aapo Talvensaari <aapo.talvensaari@gmail.com> Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> Co-authored-by: Michael Heap <m@michaelheap.com> Co-authored-by: Xiaoyan Rao <270668624@qq.com> Co-authored-by: Antoine Labarussias <antoine.labarussias@winamax.fr> Co-authored-by: Aapo Talvensaari <aapo.talvensaari@gmail.com> Co-authored-by: Yusheng Li <leeys.top@gmail.com> Co-authored-by: Hans Hübner <hans.huebner@gmail.com> Co-authored-by: Yufu Zhao <ms2008vip@gmail.com> Co-authored-by: Diana <75819066+cloudjumpercat@users.noreply.github.com> Co-authored-by: Qirui(Keery) Nie <windmgc@gmail.com> Co-authored-by: Wangchong Zhou <fffonion@gmail.com> Co-authored-by: Andy Zhang <AndyZhang0707@users.noreply.github.com> Co-authored-by: Joshua Schmid <joshua.schmid@konghq.com> Co-authored-by: Angel <angel.guarisma@konghq.com> Co-authored-by: Angel <Guaris@users.noreply.github.com> Co-authored-by: Enrique García Cota <kikito@gmail.com> Co-authored-by: Isa Farnik <isa@konghq.com> Co-authored-by: Chrono <chrono_cpp@me.com> Co-authored-by: Travis Raines <571832+rainest@users.noreply.github.com> Co-authored-by: Fabian Rodriguez <fabian.rodriguez@konghq.com> Co-authored-by: Michael Martin <flrgh@protonmail.com> Co-authored-by: Vinicius Mignot <vinicius.mignot@gmail.com> Co-authored-by: Hisham Muhammad <hisham@gobolinux.org> Co-authored-by: Thibault Charbonnier <thibaultcha@users.noreply.github.com> Co-authored-by: Amy Goldsmith <59702069+acgoldsmith@users.noreply.github.com> Co-authored-by: Alex Gaesser <alex.gaesser@konghq.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
What did you change and why?
Include any supporting resources, e.g. link to a Jira ticket, GH issue, FTI, Slack, Aha, etc.
This PR adds more explanation when user want to use the IAM Role defined by serviceaccount in an EKS environment to access RDS database. A request to the AWS STS service will happen inside this procedure so user have to make sure that they have no network restriction to the AWS STS service.
FTI-5211
Testing instructions
Netlify link:
Checklist
mainfor immediate publishing, or a release branch: e.g.release/gateway-3.2,release/deck-1.17)