Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Corrected self-managed KMS key instructions #823

Closed
wants to merge 94 commits into from
Closed

Corrected self-managed KMS key instructions #823

wants to merge 94 commits into from

Conversation

rizblie
Copy link

@rizblie rizblie commented Jan 7, 2025

Issue #, if available:

Description of changes:

Fix to create-storage-class.html to correct instructions for creating self-managed KMS key.

The example IAM policy provided on this page is a resource policy that is designed to be used as a key policy attached directly to a KMS key, and is used to grant permissions to specific principals allowed to use the key.

However the instructions were incorrectly suggesting that this policy should be attached to the EKS cluster role. This is not allowed, as the policy contains "Principal" attributes. The instructions also contained an ambiguous statement "Insert the ARN of the new self-managed KMS key." without saying where this ARN should be inserted!

The correct instructions should be to attach the resource policy to the KMS key directly. The page has been updated to reflect this.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

geoffcline and others added 30 commits November 5, 2024 23:58
@geoffcline
init github branch
2ef9e38
@geoffcline
update mainline
beefa1f
@geoffcline
add vale files
5401d1a
@pgasca
Added redirects.
555b53b
@chrisnegus @geoffcline
publish cn-ml-on-eks
fc06aca
@geoffcline
remove shared dir
09915f9
@geoffcline
publish updatee AmazonEKSComputePolicy
f00cb54
@chrisnegus
Added redirects for deleted vt1 and dl1 pages
ccdd632
@pgasca
Corrected example version inconsistency: 44487
33a687a
@pgasca
Changed approaches for eksctl-min-version attribute that is less like…
9e8cd63 
…ly to cause rendering issues.
@pgasca
Merged from priv/pg-metrics-phase1 into mainline.
bfc8dd8
@pgasca
Added suggested language from EFS GitHub: 44503
739c8d9
@pgasca
Created more direct link in doc history and adjusted section level.
4bd8fff
@pgasca
Fixedissue in codeblock that was being interpreted as italic formatting.
e7d5da3
@chrisnegus
Updated ML docs per review
0a7189e
@chrisnegus
Merged from cn-ml-update into mainline.
15e4649
@jiechen0826
Add November 2024 Amazon EKS optimized Windows AMI versions
cf114c9 
cr: https://code.amazon.com/reviews/CR-160016097
@pgasca
Revert "Add November 2024 Amazon EKS optimized Windows AMI versions"
7e001d7 
This reverts commit cf114c9.
@pgasca
Globally cleanup table formatting for easier contributions.
743cbc6
@fincd-aws
CoreDNS release
49874b5
@fincd-aws
Fix VSCode snippet typo
072ed42
@fincd-aws
Fix broken links
f8d2dbb
@fincd-aws
kube-proxy release
16223ac
@pgasca
Add November 2024 Amazon EKS optimized Windows AMI versions
9927c35
@darlaker
Incorp review comments for add-on roles
5fe3e77
@darlaker
Corrections to final EKS Pod Identities console feature
9cade94
@darlaker
Merge branch 'mainline' into dk-addon-console
76d9bf9
@pgasca
Fixed broken link: 44551
c34ea0c
@jiechen0826 @pgasca
Fix EKS Windows AMI Nov PT
5534cc7 
cr: https://code.amazon.com/reviews/CR-160353456
@darlaker
Updated doc history for auto role creation
2705018
pgasca and others added 28 commits December 3, 2024 21:35
@pgasca
eksctl 0.197.0: https://github.com/eksctl-io/eksctl/releases/tag/v0.1…
1968b09 
…97.0
@pgasca
Corrected validation warnings.
2a61b74
@pgasca
Corrected asciidoctor errors.
db93e63
@pgasca
Corrected various Asciidoctor validation warnings and did some standa…
5c99bf4 
…rdization edits.
@geoffcline
fixes for auto mode
d04c604
@darlaker
Update branding to NetApp Trident
97e15d2
@darlaker
Fix typo in naming update
c2db2aa
@geoffcline
move to JDK17
2329a75
@geoffcline
Revert "move to JDK17"
2873629 
This reverts commit 2329a75.
@pgasca
Updated trust policy formatting to match what is currently used when …
8c3bf38 
…creating thru the console.
@geoffcline
fixes for pod id and k8s versions
7d1b758
@geoffcline
auto mode fixes
8c9506d
@geoffcline
fixup node class
6121ad5
@pgasca
Merged from priv/pg-node-auto-repair into mainline.
3088c3d
@pgasca
Corrected number of columns.
3ea6b15
@pgasca
Minor rewrite.
e280aa0
@pgasca
Made more improvements for node health information.
cac9462
@chrisnegus
Added new Run Windows GPU AMIs section
f9fde72
@pgasca
Refreshed page.
7acc2a5
@pgasca
Added Edit this page on GitHub for every file.
f600414
@lindseyspirit
reinstated github contribution banner
8f1730d
@geoffcline
remove draft content
4d52b4d
@tambetliiv
fix v1.31 changelog link typo
6f29f41
@asjarre
Fixed the fomatting of the broken links by changing from the <<>> for…
e804c36 
…mat to long format link:
@pgasca
Merge pull request awsdocs#815 from tambetliiv/patch-1
fa8ffd1 
fix v1.31 changelog link typo
@pgasca
Update troubleshooting.adoc
a11eb28 
Replaced the external link approach workaround with a fix that allows the preferred cross-reference syntax. Opening inline code with double backticks instead of single backticks was the true source of the problem.
@pgasca
Merge pull request awsdocs#821 from asjarre/fixed-links-troubleshooting
5d5bd4d 
Replaced outside inline code with single backticks instead of double backticks to solve cross-references being rendered incorrectly elsewhere on the page.
@rizblie
Corrected self-managed KMS key instructions
913fb81
@geoffcline geoffcline closed this Jan 13, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.