Running CloudGraph in EKS
7min
To run CloudGraph in EKS you will need the following assets:
AWS Assets
- EKS Cluster
- Have an OIDC in the EKS Cluster for IRSA
- Use Kubernetes 1.17 or newer
- Encrypted s3 Bucket
- KMS key
- s3 Bucket
- IAM Role for CloudGraph with the following:
- Permissions to use the KMS key
- Permissions to use the s3 bucket
- Permissions to assume the roles in the target accounts
- A trust policy for the OIDC provider
Kubernetes Assets
- A Dockerfile for CloudGraph
- A Namespace for CloudGraph
- A ServiceAccount for CloudGraph
- A recurring workload
- Use a CronJob in Kubernetes 1.21 and newer
- For Kubernetes 1.20 or older use a ScheduledJob
- A ConfigMap for CloudGraph
Authentication model
- Target account - IAM Role
- CloudGraph account - IAM Role
- ServiceAccount annotation
- Credential injection
- CloudGraph configuration file
Helm Assets
- CloudGraph helm chart
- Deployment instructions
DGraph Assets
- DGraph helm chart
- Deployment instructions
Updated 03 Mar 2023
Did this page help you?
Yes
No