github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
k3s/Godeps
History
Kubernetes Submit Queue e794dce445 Merge pull request #48936 from jsafrane/aws-key-check 
Automatic merge from submit-queue

AWS: check validity of KSM key before creating a new encrypted disk.

AWS CreateVolume call does not check if referenced encryption key actually exists and returns a valid new AWS EBS volume even though an invalid key was specified. Later on it removes the EBS silently when its encryption fails.

To work around this buggy behavior we manually check that the key exists before calling CreateVolume.

Fixes #48438

/sig aws

Please review carefully. Can we safely assume that Kubernetes controller-manager can read encryption keys?

```release-note
aws: Kubernetes now checks existence of provided KSM (Key Management Service) key before creating an encrypted AWS EBS.
```
 		2017-08-30 08:05:56 -07:00
..
Godeps.json Merge pull request #48936 from jsafrane/aws-key-check 2017-08-30 08:05:56 -07:00
LICENSES Merge pull request #48936 from jsafrane/aws-key-check 2017-08-30 08:05:56 -07:00
Readme

Readme 

This directory tree is generated automatically by godep.

Please do not edit.

See https://github.com/tools/godep for more information.