• Kubernetes Submit Queue's avatar
    Merge pull request #54507 from micahhausler/aws-elb-security-policy · b223955c
    Kubernetes Submit Queue authored
    Automatic merge from submit-queue (batch tested with PRs 54134, 54507). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
    
    Added service annotation for AWS ELB SSL policy
    
    **What this PR does / why we need it**:
    
    This work adds a new supported service annotation for AWS clusters, `service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy`, which lets users specify which [predefined AWS SSL policy](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html) they would like to use.
    
    **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
    
    Fixes #43744
    
    **Special notes for your reviewer**:
    
    While this PR doesn't allow users to define their own cipher policy in an annotation, a user could (out of band) create their own policy on an ELB with the naming convention `k8s-SSLNegotiationPolicy-<my-policy-name>` and specify it with the above annotation.
    
    This is my second k8s PR, and I don't have experience with an e2e test, would that be required for this change? I did run this in a kubeadm cluster and it worked like a charm. I was able to choose different predefined policies, and revert to the default policy when I removed the annotation.
    
    **Release note**:
    
    ```release-note
    Added service annotation for AWS ELB SSL policy
    ```
    b223955c
Name
Last commit
Last update
..
providers Loading commit data...
BUILD Loading commit data...
OWNERS Loading commit data...
README.md Loading commit data...
cloud.go Loading commit data...
doc.go Loading commit data...
plugins.go Loading commit data...