You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If we can perform terraform and aws cli operations using the SSO, we would benefit from using short-lived creds and can get rid of our IAM users altogether. This will also avoid storing the long-term creds locally to perform these operations.
Questions / Assumptions
Definition of done
Firebreak finding documented appropriately
Demo completed
Decision made on whether to progress Firebreak work
Does next steps require User Research?
Firebreak next step Issues created
New Issues referenced in this story before closure
The text was updated successfully, but these errors were encountered:
Background
EKS aws-auth has the provision to add SSO Administrator role. Can Cloud Platform utlilize this provision and get rid of of individual IAM users added in the cluster config https://github.com/ministryofjustice/cloud-platform-infrastructure/blob/main/terraform/aws-accounts/cloud-platform-aws/vpc/eks/cluster.tf#L195-L268
Guide on configuring SSO with admin role: https://aws.amazon.com/blogs/containers/a-quick-path-to-amazon-eks-single-sign-on-using-aws-sso/
If we can perform terraform and aws cli operations using the SSO, we would benefit from using short-lived creds and can get rid of our IAM users altogether. This will also avoid storing the long-term creds locally to perform these operations.
Questions / Assumptions
Definition of done
The text was updated successfully, but these errors were encountered: