search

nirmata / kyverno-aws-adapter

An adapter for Amazon EKS to use with Kyverno for making policy decisions
Apache License 2.0
11 stars 5 forks source link

feat: Detect deprecated AMIs #66

Closed kbeniwal closed 1 year ago

kbeniwal commented 1 year ago

Fixes Issue #63

Old awsacfg:

  reservations:
  - instances:
    - httpPutResponseHopLimit: 2
      publicDnsName: ec2-11-111-11-11.us-west-1.compute.amazonaws.com

New awsacfg:

  reservations:
  - instances:
    - amazonMachineImage:
        architecture: x86_64
        creationTime: "2023-03-05T17:40:14.000Z"
        deprecationTime: "2025-03-05T17:40:14.000Z"
        id: ami-0efaccd6711a132b2
        location: amazon/amazon-eks-node-1.25-v11111111
        name: amazon-eks-node-1.25-v11111111
        ownerId: "111111111111"
        platformDetails: Linux/UNIX
        public: true
        state: available
        type: machine
      httpPutResponseHopLimit: 2
      publicDnsName: ec2-11-111-11-11.us-west-1.compute.amazonaws.com
kbeniwal commented 1 year ago

Sometime, we should take up the code refactoring as per https://github.com/nirmata/kyverno-aws-adapter/issues/52. Sooner than later, else the main file will keep growing.

Yes, this even I felt when making changes in the Reconcile() method, as it's making the code harder to manage and navigate. Thank you for bringing this up, we should definitely address this as soon as possible.