使用AWS re:Post即您表示您同意 AWS re:Post 使用条款
AWS re:Postre:Post

What is degraded state in EKS ?

0

I read this page https://docs.aws.amazon.com/eks/latest/userguide/enable-kms.html, it says that

If you enable secrets encryption for an existing cluster and the KMS key that you use is ever deleted, then there's no way to recover the cluster. If you delete the KMS key, you permanently put the cluster in a degraded state.

My question is what does degraded state means ?

主题
安全、身份和合规性容器AWS 架构完善的框架管理与治理
标签
AWS 智能钥匙管理服务亚马逊弹性 Kubernetes 服务安全AWS 账户管理
语言
English
apriliopajri
已提问 1 年前285 查看次数
1 回答
0

I think it means that the EKS cluster can't perform all of its functions, such as creating new Kubernetes secrets and running pods. You can't create a new Kubernetes secret and encrypt it, and the pods running inside the cluster can't decrypt the Kubernetes secrets as the existing KMS key is deleted.

So, you would have to create a new EKS cluster with a new KMS key.

Sivaraman
已回答 1 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则

相关内容