Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

What is degraded state in EKS ?

0

I read this page https://docs.aws.amazon.com/eks/latest/userguide/enable-kms.html, it says that

If you enable secrets encryption for an existing cluster and the KMS key that you use is ever deleted, then there's no way to recover the cluster. If you delete the KMS key, you permanently put the cluster in a degraded state.

My question is what does degraded state means ?

Temas
Seguridad, identidad y cumplimientoContenedoresAWS Well-Architected FrameworkGestión y gobierno
Etiquetas
AWS Key Management ServiceServicio Amazon Elastic KubernetesSeguridadAWS Account Management
Idioma
English
apriliopajri
preguntada hace un año286 visualizaciones
1 Respuesta
0

I think it means that the EKS cluster can't perform all of its functions, such as creating new Kubernetes secrets and running pods. You can't create a new Kubernetes secret and encrypt it, and the pods running inside the cluster can't decrypt the Kubernetes secrets as the existing KMS key is deleted.

So, you would have to create a new EKS cluster with a new KMS key.

Sivaraman
respondido hace un año

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante