Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
jahabibi
left a comment
jahabibi
left a comment
There was a problem hiding this comment.
Overall looks great! A couple comments on the S3 bucket naming and it looks like we may have broken formatting in aws-access-keys
| long-lived secrets in the cluster. | ||
|
|
||
| :::warning | ||
| When running on EKS, prefer [IRSA], [EKS Pod Identity], or [WebIdentity] over |
There was a problem hiding this comment.
I think it maybe better to frame this as a security concern like:
On EKS, Upbound recommends using IRSA, EKS Pod Identity, or WebIdentity rather than static access keys to avoid the risk of long-standing static credentials.
It also looks like the EKS POD Identity link is broken here on this render: https://docs-gp29ya3u4-upboundio.vercel.app/manuals/packages/providers/aws-auth/aws-access-keys/
| apiVersion: s3.aws.m.upbound.io/v1beta1 | ||
| kind: Bucket | ||
| metadata: | ||
| name: my-crossplane-test-bucket |
There was a problem hiding this comment.
We may want to add a note that s3 buckets are globally unique so that they should customize the name of their bucket to avoid a conflict.
| apiVersion: s3.aws.m.upbound.io/v1beta1 | ||
| kind: Bucket | ||
| metadata: | ||
| name: my-crossplane-test-bucket |
There was a problem hiding this comment.
We may want to add a note that s3 buckets are globally unique so that they should customize the name of their bucket to avoid a conflict.
| apiVersion: s3.aws.m.upbound.io/v1beta1 | ||
| kind: Bucket | ||
| metadata: | ||
| name: my-crossplane-test-bucket |
There was a problem hiding this comment.
We may want to add a note that s3 buckets are globally unique so that they should customize the name of their bucket to avoid a conflict.
| apiVersion: s3.aws.m.upbound.io/v1beta1 | ||
| kind: Bucket | ||
| metadata: | ||
| name: my-crossplane-test-bucket |
There was a problem hiding this comment.
We may want to add a note that s3 buckets are globally unique so that they should customize the name of their bucket to avoid a conflict.
| apiVersion: s3.aws.m.upbound.io/v1beta1 | ||
| kind: Bucket | ||
| metadata: | ||
| name: my-s3-bucket |
There was a problem hiding this comment.
We may want to add a note that s3 buckets are globally unique so that they should customize the name of their bucket to avoid a conflict. Additionally this name diverges from other doc pages naming the bucket my-s3-bucket instead of my-crossplane-test-bucket.
2 participants
Description
Type of change
Checklist
make vale-file FILE=docs/path/to/file.mdlocally for files changed (or will fix Vale suggestions in review)Additional notes