Closed ntwkninja closed 4 months ago
Is this meant to be a research spike/ADR? Or to actually change which AMI is used by the examples?
Currently:
Notes:
allow_insecure_vars = true
variable.Yes, was intended to be a research spike.
Also, agree @RothAndrew
I think there would be a lot of benefit to standardizing on an aws-supported distroless AMI for EKS (bottlerocket) and allowing users to set the flag mentioned if they prefer a different option.
Building STIG-compliant amis for EKS
Related Issues: FIPS EKS AMI issue FIPS Bottlerocket issue
Edit: EC2 image builder is inconsistent for things in the user_data and if we're going to do something custom, we may want to consider packer.
Definition of Done: