You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What would you like to be added:
Currently we don't have a validation that would prevent user to replace its cloudprovider secret with credentials for another account. Basically we do have only a warning in the dashboard - ref gardener/dashboard#422.
Steps to reproduce:
Get an existing Shoot.
Update its secret with credentials for another account.
Ensure that on new reconciliation, new infra resources will be created in the new account. The old infra resources and machines in the old account will leak.
For me the reconciliation failed at
lastOperation:
description: Waiting until the Kubernetes API server can connect to the ShootworkerslastUpdateTime: "2020-02-20T14:56:43Z"progress: 89state: Processingtype: Reconcile
wtih reason
$ k describe svc -n kube-system vpn-shoot
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal EnsuringLoadBalancer 7m38s (x6 over 10m) service-controller Ensuring load balancer
Warning SyncLoadBalancerFailed 7m37s (x6 over 10m) service-controller Error syncing load balancer: failed to ensure load balancer: could not find any suitable subnets for creating the ELB
Why is this needed:
Prevent users to harm themselves.
The text was updated successfully, but these errors were encountered:
ialidzhikov
changed the title
Forbid changing replacing secret with new account for existing Shoots
Forbid replacing secret with new account for existing Shoots
Feb 20, 2020
What would you like to be added:
Currently we don't have a validation that would prevent user to replace its cloudprovider secret with credentials for another account. Basically we do have only a warning in the dashboard - ref gardener/dashboard#422.
Steps to reproduce:
For me the reconciliation failed at
wtih reason
Why is this needed:
Prevent users to harm themselves.
The text was updated successfully, but these errors were encountered: