docs: add irsa on talos #134
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Iheanacho-ai
reviewed
Nov 4, 2025
|
|
||
| This guide is based on the official instructions for setting up the [Amazon EKS Pod Identity Webhook in a self-hosted environment](https://github.com/aws/amazon-eks-pod-identity-webhook/blob/master/SELF_HOSTED_SETUP.md). | ||
|
|
||
| ## Step 1: Set Up Environment Variables |
There was a problem hiding this comment.
really cool work, but the thing is that are we assuming the user knows how to get all these variables? or is there a sort of article we can externally link to so they can reference and know where to go to get all these variables
There was a problem hiding this comment.
My mistake - I did make assumptions about the level of AWS knowledge of someone attempting to integrate Talos Linux with AWS IRSA. However, for the sake of completeness, I can update my PR and include links to the relevant AWS documentation - no problem.
There was a problem hiding this comment.
@Iheanacho-ai I've pushed a change commit; hopefully, it’s improved things a little.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What changed: This PR introduces a new comprehensive guide on "IAM Roles for Service Accounts (IRSA) on Talos Linux". The guide has been added for Talos Linux versions 1.6 through 1.12. This involved creating new .mdx files for each version and updating the public/docs.json and individual talos-vX.Y.yaml navigation configurations to include these new security documentation pages.
Why it’s needed: This new guide is essential for users who need to enable Kubernetes Pods running on Talos Linux clusters to securely access AWS services. By implementing IRSA, applications can leverage temporary IAM credentials, providing a more secure and granular way to manage permissions to AWS resources, similar to the functionality offered by AWS EKS. This enhances the security posture and operational efficiency for Talos Linux users deploying workloads that interact with AWS.
Screenshot:
