Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Give external-dns assume role capabilities with route53 provider (helm) #1112

Merged
merged 2 commits into from
Apr 3, 2023
Merged

Give external-dns assume role capabilities with route53 provider (helm) #1112

merged 2 commits into from
Apr 3, 2023

Conversation

eliasbokreta
Copy link
Contributor

@eliasbokreta eliasbokreta commented Apr 3, 2023
edited

Hello,

I would like to add the capability for external-dns to assume role, using route53 provider when the hosted zones are handled in a different AWS account by adding --aws-assume-role argument (see this external-dns PR).
The change was successfully deployed on our clusters and is now, able to access the given hosted zone.

Besides this change, I've also fixed route53.irsaRole when disabled. The json schema validation regex was not allowing any other value than a valid ARN string.

If anything is unclear/missing please let me know 🙂

@eliasbokreta
Add external-dns assume role capability
e442d67 
Allow accessing AWS Route53 hosted zones handled in different AWS accounts thru
assume role

Signed-off-by: eliasbokreta <elias.bokreta@gmail.com>
@eliasbokreta
Fix route53 irsaRole expected value for disabled behavior
26ab539 
The disabled option of the irsaRole key was not working due to json schema
validation regex. Modified the expected value to `null`.

Signed-off-by: eliasbokreta <elias.bokreta@gmail.com>
@github-advanced-security
Copy link

You have successfully added a new terrascan configuration .github/workflows/terrascan.yaml:terrascan. As part of the setup process, we have scanned this repository and found no existing alerts. In the future, you will see all code scanning alerts on the repository Security tab.

ytsarev
ytsarev approved these changes Apr 3, 2023
View reviewed changes
Copy link
Member

@ytsarev ytsarev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The changes look great. Thank you so much for this contribution!

@ytsarev ytsarev merged commit 9065b38 into k8gb-io:master Apr 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ytsarev ytsarev ytsarev approved these changes

@donovanmuller donovanmuller Awaiting requested review from donovanmuller donovanmuller is a code owner

@k0da k0da Awaiting requested review from k0da k0da is a code owner

@kuritka kuritka Awaiting requested review from kuritka kuritka is a code owner

@somaritane somaritane Awaiting requested review from somaritane

@jkremser jkremser Awaiting requested review from jkremser jkremser is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@eliasbokreta @ytsarev