Skip to content

Commit

Permalink
Merge pull request #4577 from vincepri/s3-endpoint
Browse files Browse the repository at this point in the history 
When using an s3 bucket, add a vpc endpoint
  • Loading branch information
@k8s-ci-robot
k8s-ci-robot authored Nov 6, 2023
2 parents 07e91d2 + f39187f commit 3176fea
Show file tree
Hide file tree
Showing 25 changed files with 331 additions and 3 deletions.
8 changes: 8 additions & 0 deletions api/v1beta2/conditions_consts.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,14 @@ const (
RouteTableReconciliationFailedReason = "RouteTableReconciliationFailed"
)

const (
// VpcEndpointsReadyCondition reports successful reconciliation of vpc endpoints.
// Only applicable to managed clusters.
VpcEndpointsReadyCondition clusterv1.ConditionType = "VpcEndpointsReadyCondition"
// VpcEndpointsReconciliationFailedReason used when any errors occur during reconciliation of vpc endpoints.
VpcEndpointsReconciliationFailedReason = "VpcEndpointsReconciliationFailed"
)

const (
// SecondaryCidrsReadyCondition reports successful reconciliation of secondary CIDR blocks.
// Only applicable to managed clusters.
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/cluster_api_controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,9 @@ func (t Template) ControllersPolicy() *iamv1.PolicyDocument {
"ec2:CreateSubnet",
"ec2:CreateTags",
"ec2:CreateVpc",
"ec2:CreateVpcEndpoint",
"ec2:ModifyVpcAttribute",
"ec2:ModifyVpcEndpoint",
"ec2:DeleteInternetGateway",
"ec2:DeleteEgressOnlyInternetGateway",
"ec2:DeleteNatGateway",
Expand All @@ -112,6 +114,7 @@ func (t Template) ControllersPolicy() *iamv1.PolicyDocument {
"ec2:DeleteSubnet",
"ec2:DeleteTags",
"ec2:DeleteVpc",
"ec2:DeleteVpcEndpoints",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
Expand All @@ -129,6 +132,7 @@ func (t Template) ControllersPolicy() *iamv1.PolicyDocument {
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeVolumes",
"ec2:DescribeTags",
"ec2:DetachInternetGateway",
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/customsuffix.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -171,6 +173,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -188,6 +191,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/default.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -171,6 +173,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -188,6 +191,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/with_all_secret_backends.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -167,7 +167,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -177,6 +179,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -194,6 +197,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/with_allow_assume_role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -171,6 +173,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -188,6 +191,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/with_bootstrap_user.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -167,7 +167,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -177,6 +179,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -194,6 +197,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/with_custom_bootstrap_user.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -167,7 +167,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -177,6 +179,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -194,6 +197,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/with_different_instance_profiles.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -171,6 +173,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -188,6 +191,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/with_eks_console.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -171,6 +173,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -188,6 +191,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/with_eks_default_roles.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -171,6 +173,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -188,6 +191,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/with_eks_disable.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -171,6 +173,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -188,6 +191,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/with_eks_kms_prefix.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -171,6 +173,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -188,6 +191,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/with_extra_statements.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -167,7 +167,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -177,6 +179,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -194,6 +197,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
4 changes: 4 additions & 0 deletions cmd/clusterawsadm/cloudformation/bootstrap/fixtures/with_s3_bucket.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,9 @@ Resources:
- ec2:CreateSubnet
- ec2:CreateTags
- ec2:CreateVpc
- ec2:CreateVpcEndpoint
- ec2:ModifyVpcAttribute
- ec2:ModifyVpcEndpoint
- ec2:DeleteInternetGateway
- ec2:DeleteEgressOnlyInternetGateway
- ec2:DeleteNatGateway
Expand All @@ -171,6 +173,7 @@ Resources:
- ec2:DeleteSubnet
- ec2:DeleteTags
- ec2:DeleteVpc
- ec2:DeleteVpcEndpoints
- ec2:DescribeAccountAttributes
- ec2:DescribeAddresses
- ec2:DescribeAvailabilityZones
Expand All @@ -188,6 +191,7 @@ Resources:
- ec2:DescribeSubnets
- ec2:DescribeVpcs
- ec2:DescribeVpcAttribute
- ec2:DescribeVpcEndpoints
- ec2:DescribeVolumes
- ec2:DescribeTags
- ec2:DetachInternetGateway
Expand Down
Loading

0 comments on commit 3176fea

Please sign in to comment.