Skip to content

self-hosted/docs: call out cert-manager route53 region behavior in EKS reference architecture #12399

New issue
New issue
Closed
Closed
self-hosted/docs: call out cert-manager route53 region behavior in EKS reference architecture#12399
Assignees
adrienthebo
Labels
feature: documentationself-hosted: eksSelf hosted support for AWS EKSself-hosted: reference-architectureteam: deliveryIssue belongs to the self-hosted teamtype: improvementImproves an existing feature or existing code
@adrienthebo

Description

@adrienthebo
adrienthebo
opened on Aug 25, 2022

Is your feature request related to a problem? Please describe

Per the AWS documentation, Route53 is a global API whose region must be either us-east-1 for non-China juristictions, and cn-northwest-1 for the Beijing and Ningxia regions. Accidentally inserting another region will break the issuer and effectively disable cert-manager.

As most AWS APIs are regional and only Route53 and IAM APIs have this disjunct behavior, it's difficult to identify the route53 as the region and customers are already running into this problem.

Describe the behaviour you'd like

The AWS documentation states the following:

When you use the AWS CLI or SDKs to submit requests, you can either leave the Region and endpoint unspecified, or specify the applicable Region:

We should update the EKS reference architecture to remove the explicit region setting (if possible) and add a callout indicating this behavior.

Metadata

Metadata

Assignees

Labels

feature: documentationself-hosted: eksSelf hosted support for AWS EKSself-hosted: reference-architectureteam: deliveryIssue belongs to the self-hosted teamtype: improvementImproves an existing feature or existing code

Type

No type

Projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions