Enable Management of Multiple Kubernetes workloads with Centralized ECS Delegate
under review
R
Rubber Scallop
To reduce load on developer teams, our product team would like to maintain Kubernetes workloads through our Centralized ECS Delegate.
Currently, users that deploy into EKS have to create and maintain their own EKS delegates. This has been a pain point for our users and adds complexity to onboarding as well as overhead on the development teams.
Log In
Shylaja Sundararajan
under review
R
Rubber Scallop
To add more details on the issue:
Restrictions on Service Accounts: JPMC imposes restrictions on service accounts, making IRSA (IAM Roles for Service Accounts) not a viable solution.
Delegate Misconfiguration: When setting up the connector to run the SAML assertion and obtain the secret, it runs on the wrong delegate. The delegate defined in the connector overrides the one defined on the secret connector, and the other delegates lack the necessary permissions.