Skip to content

Commit

Permalink
Add support for soft deletion of AWS roles and policies (#173)
Browse files Browse the repository at this point in the history
  • Loading branch information
@omris94
omris94 authored Mar 3, 2024
1 parent 8a9c502 commit de45f96
Show file tree
Hide file tree
Showing 5 changed files with 18 additions and 7 deletions.
11 changes: 8 additions & 3 deletions credentials-operator/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
| `global.aws.enabled` | Enable or disable AWS integration | `false` |
| `global.aws.eksClusterNameOverride` | EKS cluster name (overrides auto-detection) | `(none)` |
| `global.azure.enabled` | Enable or disable Azure integration | `false` |
| `global.aws.useSoftDelete` | Use soft delete strategy (tag as deleted instead of actually delete) for AWS roles and policies | `false` |
| `global.telemetry.enabled` | If set to `false`, all anonymous telemetries collection will be disabled | `true` |
| `global.telemetry.usage.enabled` | If set to `false`, collection of anonymous telemetries on product usage will be disabled | `true` |
| `global.telemetry.errors.enabled` | If set to `false`, collection of anonymous telemetries on application crashes and errors will be disabled | `true` |
Expand Down Expand Up @@ -61,9 +62,13 @@
| `resources` | Resources of the container | `{}` |

## AWS integration parameters
| Key | Description | Default |
|---------------|----------------------------------------------------------|----------|
| `aws.roleARN` | ARN of the AWS role the operator will use to access AWS. | `(none)` |
| Key | Description | Default |
|-------------------------------------|-------------------------------------------------------------------------------------------------|----------|
| `aws.roleARN` | ARN of the AWS role the operator will use to access AWS. | `(none)` |
| `global.aws.enabled` | Enable or disable AWS integration | `false` |
| `global.aws.eksClusterNameOverride` | EKS cluster name (overrides auto-detection) | `(none)` |
| `global.aws.useSoftDelete` | Use soft delete strategy (tag as deleted instead of actually delete) for AWS roles and policies | `false` |


## Azure integration parameters
| Key | Description | Default |
Expand Down
3 changes: 3 additions & 0 deletions credentials-operator/templates/credentials-operator-deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,9 @@ spec:
- --cert-manager-approve-requests
{{- end }}
{{- end }}
{{- if eq true .Values.global.aws.useSoftDelete }}
- --aws-use-soft-delete=true
{{- end }}
{{ if eq true .Values.debug }}
- --debug=true
{{ end }}
Expand Down
1 change: 1 addition & 0 deletions credentials-operator/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ global:

aws:
enabled: false
useSoftDelete: false
eksClusterNameOverride:
roleARN:

Expand Down
9 changes: 5 additions & 4 deletions otterize-kubernetes/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,10 +38,11 @@ These parameters are used by multiple charts, and must be kept the same for the
| `global.otterizeCloud.apiExtraCAPEMSecret` | The name of a secret containing a single `CA.pem` file for an extra root CA used to connect to Otterize Cloud. The secret should be placed in the same namespace as the Otterize deployment. | `(none)` |

## AWS Integration parameters
| Key | Description | Default |
|-------------------------------------|---------------------------------------------|----------|
| `global.aws.enabled` | Enable or disable AWS integration | `false` |
| `global.aws.eksClusterNameOverride` | EKS cluster name (overrides auto-detection) | `(none)` |
| Key | Description | Default |
|-------------------------------------|-------------------------------------------------------------------------------------------------|----------|
| `global.aws.enabled` | Enable or disable AWS integration | `false` |
| `global.aws.eksClusterNameOverride` | EKS cluster name (overrides auto-detection) | `(none)` |
| `global.aws.useSoftDelete` | Use soft delete strategy (tag as deleted instead of actually delete) for AWS roles and policies | `false` |

## Azure Integration parameters
| Key | Description | Default |
Expand Down
1 change: 1 addition & 0 deletions otterize-kubernetes/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ global:

aws:
enabled: false
useSoftDelete: false
eksClusterNameOverride:

# Extra annotations for deployed pods
Expand Down

0 comments on commit de45f96

Please sign in to comment.