search

aws-quickstart / cdk-eks-blueprints

AWS Quick Start Team
Apache License 2.0
446 stars 198 forks source link

Nodes as SSM Managed Instances #432

Closed nickd-beemit closed 2 years ago

nickd-beemit commented 2 years ago

Describe the feature

Give worker nodes SSM IAM perms so they become SSM-connected

Use Case

All of the Good Things about SSM

Proposed Solution

Add AmazonSSMManagedInstanceCore to worker node Instance Profiles

Other Information

I tested manually doing this and it worked; the SSM Agent is already installed and will connect on launch.

I may be able to implement but am CDK noobie and NFI where the change is required.

Acknowledgements

CDK version used

2.25.0

EKS Blueprints Version

1.0.4

Node.js Version

v18.2.0

Environment details (OS name and version, etc.)

Darwin FVFG72MLQ6LT 21.5.0 Darwin Kernel Version 21.5.0: Tue Apr 26 21:08:29 PDT 2022; root:xnu-8020.121.3~4/RELEASE_ARM64_T8101 arm64

shapirov103 commented 2 years ago

@nickd-beemit have you tried leveraging the SSMAgent add-on? It does add permissions to the node role.

nickd-beemit commented 2 years ago

Thanks!