Changed 'assumeRole' to 'assumeRoleARN'

aws · Aug 8, 2023 · b4df2c1 · b4df2c1
1 parent ae81508
commit b4df2c1
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 14 deletions.
diff --git a/charts/karpenter/values.yaml b/charts/karpenter/values.yaml
@@ -167,8 +167,8 @@ settings:
   # -- AWS-specific configuration values
   aws:
     # -- Role to assume for calling AWS services.
-    assumeRole: ""
-    # -- Duration of assumed credentials in minutes. Default value is 15 minutes. Not used unless aws.assumeRole set.
+    assumeRoleARN: ""
+    # -- Duration of assumed credentials in minutes. Default value is 15 minutes. Not used unless aws.assumeRoleARN set.
     assumeRoleDuration: ""
     # -- Cluster name.
     clusterName: ""

diff --git a/pkg/apis/settings/settings.go b/pkg/apis/settings/settings.go
@@ -35,7 +35,7 @@ type settingsKeyType struct{}
 var ContextKey = settingsKeyType{}
 
 var defaultSettings = &Settings{
-	AssumeRole:                 "",
+	AssumeRoleARN:              "",
 	ClusterName:                "",
 	ClusterEndpoint:            "",
 	AssumeRoleDuration:         time.Duration(15) * time.Minute,
@@ -51,7 +51,7 @@ var defaultSettings = &Settings{
 
 // +k8s:deepcopy-gen=true
 type Settings struct {
-	AssumeRole                 string
+	AssumeRoleARN              string
 	ClusterName                string `validate:"required"`
 	ClusterEndpoint            string
 	AssumeRoleDuration         time.Duration `validate:"min=15m"`
@@ -74,7 +74,7 @@ func (*Settings) Inject(ctx context.Context, cm *v1.ConfigMap) (context.Context,
 	s := defaultSettings.DeepCopy()
 
 	if err := configmap.Parse(cm.Data,
-		configmap.AsString("aws.assumeRole", &s.AssumeRole),
+		configmap.AsString("aws.assumeRoleARN", &s.AssumeRoleARN),
 		configmap.AsString("aws.clusterName", &s.ClusterName),
 		configmap.AsString("aws.clusterEndpoint", &s.ClusterEndpoint),
 		configmap.AsDuration("aws.assumeRoleDuration", &s.AssumeRoleDuration),

diff --git a/pkg/apis/settings/suite_test.go b/pkg/apis/settings/suite_test.go
@@ -17,6 +17,7 @@ package settings_test
 import (
 	"context"
 	"testing"
+	"time"
 
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -45,8 +46,8 @@ var _ = Describe("Validation", func() {
 		ctx, err := (&settings.Settings{}).Inject(ctx, cm)
 		Expect(err).ToNot(HaveOccurred())
 		s := settings.FromContext(ctx)
-		Expect(s.AssumeRole).To(Equal(""))
-		Expect(s.AssumeRoleDuration).To(Equal(15))
+		Expect(s.AssumeRoleARN).To(Equal(""))
+		Expect(s.AssumeRoleDuration).To(Equal(time.Duration(15) * time.Minute))
 		Expect(s.DefaultInstanceProfile).To(Equal(""))
 		Expect(s.EnablePodENI).To(BeFalse())
 		Expect(s.EnableENILimitedPodDensity).To(BeTrue())
@@ -58,8 +59,8 @@ var _ = Describe("Validation", func() {
 	It("should succeed to set custom values", func() {
 		cm := &v1.ConfigMap{
 			Data: map[string]string{
-				"aws.assumeRole":                 "arn:aws:iam::111222333444:role/testrole",
-				"aws.assumeRoleDuration":         "27",
+				"aws.assumeRoleARN":              "arn:aws:iam::111222333444:role/testrole",
+				"aws.assumeRoleDuration":         "27m",
 				"aws.clusterEndpoint":            "https://00000000000000000000000.gr7.us-west-2.eks.amazonaws.com",
 				"aws.clusterName":                "my-cluster",
 				"aws.defaultInstanceProfile":     "karpenter",
@@ -74,8 +75,8 @@ var _ = Describe("Validation", func() {
 		ctx, err := (&settings.Settings{}).Inject(ctx, cm)
 		Expect(err).ToNot(HaveOccurred())
 		s := settings.FromContext(ctx)
-		Expect(s.AssumeRole).To(Equal("arn:aws:iam::111222333444:role/testrole"))
-		Expect(s.AssumeRoleDuration).To(Equal(27))
+		Expect(s.AssumeRoleARN).To(Equal("arn:aws:iam::111222333444:role/testrole"))
+		Expect(s.AssumeRoleDuration).To(Equal(time.Duration(27) * time.Minute))
 		Expect(s.DefaultInstanceProfile).To(Equal("karpenter"))
 		Expect(s.EnablePodENI).To(BeTrue())
 		Expect(s.EnableENILimitedPodDensity).To(BeFalse())

diff --git a/pkg/operator/operator.go b/pkg/operator/operator.go
@@ -78,8 +78,8 @@ func NewOperator(ctx context.Context, operator *operator.Operator) (context.Cont
 		STSRegionalEndpoint: endpoints.RegionalSTSEndpoint,
 	}
 
-	if assumeRole := settings.FromContext(ctx).AssumeRole; assumeRole != "" {
-		config.Credentials = stscreds.NewCredentials(session.Must(session.NewSession()), assumeRole,
+	if assumeRoleARN := settings.FromContext(ctx).AssumeRoleARN; assumeRoleARN != "" {
+		config.Credentials = stscreds.NewCredentials(session.Must(session.NewSession()), assumeRoleARN,
 			func(provider *stscreds.AssumeRoleProvider) { setDurationAndExpiry(provider, ctx) })
 	}
 

diff --git a/website/content/en/preview/concepts/settings.md b/website/content/en/preview/concepts/settings.md
@@ -46,7 +46,7 @@ data:
   # will be batched separately.
   batchIdleDuration: 1s
   # Role to assume for calling AWS services.
-  aws.assumerole: arn:aws:iam::111222333444:role/examplerole
+  aws.assumeRoleARN: arn:aws:iam::111222333444:role/examplerole
   # Duration of assumed credentials in minutes. Default value is 15 minutes. Not used unless aws.assumeRole set.
   aws.assumeRoleDuration: 15
   # [REQUIRED] The kubernetes cluster name for resource discovery