By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

What is degraded state in EKS ?

0

I read this page https://docs.aws.amazon.com/eks/latest/userguide/enable-kms.html, it says that

If you enable secrets encryption for an existing cluster and the KMS key that you use is ever deleted, then there's no way to recover the cluster. If you delete the KMS key, you permanently put the cluster in a degraded state.

My question is what does degraded state means ?

Topics
Security, Identity, & ComplianceContainersAWS Well-Architected FrameworkManagement & Governance
Tags
AWS Key Management ServiceAmazon Elastic Kubernetes ServiceSecurityAWS Account Management
Language
English
apriliopajri
asked a year ago278 views
1 Answer
0

I think it means that the EKS cluster can't perform all of its functions, such as creating new Kubernetes secrets and running pods. You can't create a new Kubernetes secret and encrypt it, and the pods running inside the cluster can't decrypt the Kubernetes secrets as the existing KMS key is deleted.

So, you would have to create a new EKS cluster with a new KMS key.

Sivaraman
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content