使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

What is degraded state in EKS ?

0

I read this page https://docs.aws.amazon.com/eks/latest/userguide/enable-kms.html, it says that

If you enable secrets encryption for an existing cluster and the KMS key that you use is ever deleted, then there's no way to recover the cluster. If you delete the KMS key, you permanently put the cluster in a degraded state.

My question is what does degraded state means ?

主題
安全性、身分識別與合規容器AWS Well-Architected Framework管理與治理
標籤
AWS Key Management ServiceAmazon Elastic Kubernetes Service安全性AWS Account Management
語言
English
apriliopajri
已提問 1 年前檢視次數 285 次
1 個回答
0

I think it means that the EKS cluster can't perform all of its functions, such as creating new Kubernetes secrets and running pods. You can't create a new Kubernetes secret and encrypt it, and the pods running inside the cluster can't decrypt the Kubernetes secrets as the existing KMS key is deleted.

So, you would have to create a new EKS cluster with a new KMS key.

Sivaraman
已回答 1 年前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容