Use AWS STS regional endpoint instead of AWS Global Endpoint by default for argocd-application-controller #20375
Labels
component:auth
component:docs
component:multi-cluster
Features related to clusters management
enhancement
New feature or request
Comments
agaudreault
added
component:auth
component:multi-cluster
|
@sushanth0910 as an open-source project, I don't see any configuration on this project on AWS STS, If this is related to the AWSAuthConfig, can you provide documentation and/or additional configuration that are required when users configure EKS clusters? Since this is a user configuration and not something built-in the project, I think the only possibility here is to update documentation. Could you submit a pull request? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
I am from EKS team, for some EKS clusters which are using argoCD we have observed this user-agent argocd-application-controller defaults to using global STS endpoint rather than the regional STS endpoint.
It is recommended to use the AWS regional endpoint rather than the global endpoint. This ensures better performance and compliance with AWS best practices.
https://docs.aws.amazon.com/sdkref/latest/guide/feature-sts-regionalized-endpoints.html
Motivation
Using AWS regional endpoints improves performance by reducing latency and enhances availability by eliminating dependencies on global services. It also ensures compliance with region-specific regulations and optimizes resource utilization.
Proposal
We propose argocd-application-controller need to use the AWS regional STS endpoint by default instead of the global endpoint to enhance performance, reduce latency, and align with AWS best practices.
The text was updated successfully, but these errors were encountered: