search

aws / eks-anywhere

Run Amazon EKS on your own infrastructure 🚀
https://anywhere.eks.amazonaws.com
Apache License 2.0
1.97k stars 286 forks source link

Avoid building the snow aws client map for all snow machine configs #2809

Open vivek-koppuru opened 2 years ago

vivek-koppuru commented 2 years ago

Currently, we build the aws clients per device based on the creds that are passed in. For this CLI, this is the credentials file that gets passed in as an env var while for the controller, it is the creds that are stored in the secret.

These creds look like the following (example from https://github.com/aws/eks-anywhere/blob/main/pkg/aws/testdata/valid_credentials):

[1.2.3.4]
aws_access_key_id = ABCDEFGHIJKLMNOPQR2T
aws_secret_access_key = mysecretkey
region = snow

[1.2.3.5]
aws_access_key_id = ABCDEFGHIJKLMNOPQR2T
aws_secret_access_key = mysecretkey
region = snow

If the user specifies a machine config with these device ips, the validations for each device will happen for each of the machines here: https://github.com/aws/eks-anywhere/blob/main/pkg/providers/snow/validator.go.

However, there is no need to build the client map based on the creds file if we can just pull the ones we need based on the devices that the user specified in the machine config. By only building this client map based on the devices specified, we can have a client map based on the machine config or cluster that we are dealing with, if the user has extra ips defined in the file.

vivek-koppuru commented 2 years ago

Dependent on the AWS Snow SDK work that is being figured out in terms of changing how creds are passed, will update this issue accordingly