Skip to content

(WIP) feat: add aws-iam-authenticator extension #942

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
fabiomatavelli wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

(WIP) feat: add aws-iam-authenticator extension #942

fabiomatavelli wants to merge 1 commit into from
+467 −2

Conversation

@fabiomatavelli
Copy link

@fabiomatavelli fabiomatavelli commented Jan 2, 2026

Adds the aws-iam-authenticator to Talos.

@fabiomatavelli fabiomatavelli force-pushed the feat/add-aws-iam-authenticator branch 3 times, most recently from 454d2f5 to 265ebc6 Compare January 2, 2026 15:56
@fabiomatavelli fabiomatavelli changed the title (WIP) feat: add aws-iam-authenticator exntesion (WIP) feat: add aws-iam-authenticator extension Jan 2, 2026
@fabiomatavelli fabiomatavelli force-pushed the feat/add-aws-iam-authenticator branch 2 times, most recently from f6ae4f2 to 409c27c Compare January 2, 2026 16:30
@fabiomatavelli
feat: add aws-iam-authenticator extension
e8cebbe 
Adds the [aws-iam-authenticator](kubernetes-sigs/aws-iam-authenticator) extension to Talos so it can generate the necessary certificates and kubeconfig, to be used with `kube-apiserver`, so users can authenticate in the cluster using AWS IAM roles.
@fabiomatavelli fabiomatavelli force-pushed the feat/add-aws-iam-authenticator branch from 409c27c to e8cebbe Compare January 2, 2026 16:39
@frezbo
Copy link
Member

frezbo commented Jan 13, 2026

@fabiomatavelli is this good for review?

@fabiomatavelli
Copy link
Author

fabiomatavelli commented Jan 14, 2026

@frezbo I'm still thinking if it would make sense to add this or not tbh. With the extension the process would be executed on all the nodes (worker and control-planes) as it requires the configuration to be present. So, I'm thinking if it makes sense to move forward with the extension or if providing the necessary files (certs and kubeconfig) during the bootstrap of the nodes would make more sense.

@frezbo
Copy link
Member

frezbo commented Jan 19, 2026

Cool, iterate and see how it goes, we've plenty of time before 1.13

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fabiomatavelli @frezbo