✨ ec2: Add support for userdata privacy #1490
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
k8s-ci-robot
added
do-not-merge/work-in-progress
k8s-ci-robot
added
the
size/XL
vincepri
reviewed
Jan 21, 2020
ncdc
reviewed
Jan 21, 2020
k8s-ci-robot
added
size/XXL
randomvariable
force-pushed
the
encrypted-userdata
branch
from
695bae7
to
24ddd6b
Compare
randomvariable
commented
Jan 24, 2020
ncdc
reviewed
Jan 24, 2020
vincepri
reviewed
Jan 25, 2020
randomvariable
force-pushed
the
encrypted-userdata
branch
4 times, most recently
from
877ceac
to
4180851
Compare
vincepri
reviewed
Jan 28, 2020
randomvariable
force-pushed
the
encrypted-userdata
branch
6 times, most recently
from
442ea6e
to
e02dc3c
Compare
randomvariable
changed the title
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
|
/hold |
k8s-ci-robot
added
the
do-not-merge/hold
vincepri
reviewed
Feb 4, 2020
randomvariable
force-pushed
the
encrypted-userdata
branch
from
8a2c011
to
880c6f8
Compare
vincepri
reviewed
Feb 4, 2020
randomvariable
force-pushed
the
encrypted-userdata
branch
3 times, most recently
from
e5f795e
to
25c208f
Compare
|
rebasing for new conversion gen |
randomvariable
force-pushed
the
encrypted-userdata
branch
from
25c208f
to
1101019
Compare
|
vincepri
approved these changes
Feb 4, 2020
k8s-ci-robot
added
the
lgtm
|
argh. some of these converted function names changed |
randomvariable
force-pushed
the
encrypted-userdata
branch
from
1101019
to
02d50da
Compare
k8s-ci-robot
removed
the
lgtm
|
linters are appeased |
|
waiting for green CI |
randomvariable
changed the title
|
done |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
Need to make sure we record action-required changes to the IAM policy b/c of this PR in the release notes. |
This was referenced Jan 18, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Naadir Jeewa jeewan@vmware.com
What this PR does / why we need it:
Re-introduction of #189
Fixes #1387
Fixes #1410
Fixes #1510
Optionally modifies the userdata to make use of a multi-part MIME archive to make cloud-init download userdata from AWS Secrets Manager.
In support of ensuring secrets are deleted as soon as they are not useful, the EC2 state machine has been refined to skip over operations that cannot occur on terminating and terminated instances.