Hello! We’re running Flyte on AWS EKS (k8s). Due t...
# announcementsa
Andrew Korzhuev
09/09/2022, 3:03 PMHello! We’re running Flyte on AWS EKS (k8s). Due to the security concerns we have a database which resides in VPC separate from the EKS. We would like to access that db from one task without giving access to the whole k8s cluster to that VPC. Do you know good strategies to achieve that?
So far the ideas we’ve came up with were around using some other AWS service like Fargate or Glue to run the task (as just that task can be run within that specific VPC) and trigger it from Flyte. That feels overly complex however.
k
Ketan (kumare3)
09/09/2022, 3:36 PM
I thought aurora now has Iam based perms
Ketan (kumare3)
09/09/2022, 3:37 PM
And you can use specific security groups, and in eks create a node pool in that security group. And then use node selectors
a
Andrew Korzhuev
09/12/2022, 10:42 AMAha, node pool and node selector sounds like a good idea. We don’t use Aurora currently, it’s an RDS instance, there is a requirement of having separate VPC as this particular network can be accessed from the outside.
Andrew Korzhuev
09/12/2022, 11:25 AMhttps://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html looks like this is also a good option
160 Views