Skip to content

self-hosted/docs: call out cert-manager route53 region behavior in EKS reference architecture #12399

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Tracked by #12709
adrienthebo opened this issue Aug 25, 2022 · 0 comments
Closed
Tracked by #12709

self-hosted/docs: call out cert-manager route53 region behavior in EKS reference architecture #12399

adrienthebo opened this issue Aug 25, 2022 · 0 comments
Assignees
@adrienthebo
Labels
feature: documentation self-hosted: eks Self hosted support for AWS EKS self-hosted: reference-architecture team: delivery Issue belongs to the self-hosted team type: improvement Improves an existing feature or existing code

Comments

@adrienthebo
Copy link
Contributor

Is your feature request related to a problem? Please describe

Per the AWS documentation, Route53 is a global API whose region must be either us-east-1 for non-China juristictions, and cn-northwest-1 for the Beijing and Ningxia regions. Accidentally inserting another region will break the issuer and effectively disable cert-manager.

As most AWS APIs are regional and only Route53 and IAM APIs have this disjunct behavior, it's difficult to identify the route53 as the region and customers are already running into this problem.

Describe the behaviour you'd like

The AWS documentation states the following:

When you use the AWS CLI or SDKs to submit requests, you can either leave the Region and endpoint unspecified, or specify the applicable Region:

We should update the EKS reference architecture to remove the explicit region setting (if possible) and add a callout indicating this behavior.
@adrienthebo adrienthebo added feature: documentation team: delivery Issue belongs to the self-hosted team labels Aug 25, 2022
@adrienthebo adrienthebo self-assigned this Aug 25, 2022
@adrienthebo adrienthebo mentioned this issue Aug 25, 2022
Closed
@adrienthebo adrienthebo added the type: improvement Improves an existing feature or existing code label Aug 25, 2022
@adrienthebo adrienthebo mentioned this issue Sep 6, 2022
Closed
22 tasks
Repository owner moved this from ⚒In Progress to ✨Done in 🚚 Security, Infrastructure, and Delivery Team (SID) Sep 15, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@adrienthebo adrienthebo

Labels
feature: documentation self-hosted: eks Self hosted support for AWS EKS self-hosted: reference-architecture team: delivery Issue belongs to the self-hosted team type: improvement Improves an existing feature or existing code
Projects
No open projects
🚚 Security, Infrastructure, and Delivery Team (SID)
Archived in project
Milestone
No milestone
Development

No branches or pull requests
1 participant
@adrienthebo