You are viewing documentation for version 1.32.x. The most current version is 1.34.x. This documentation is available for 1.34.x.

aws

Settings specific to the AWS platform (settings.aws.*)

Only pertinent on aws-* variants or on other variants in conjunction with IAM Roles Anywhere, these settings are automatically gathered using instance metadata. Typically, you do not need to explicitly populate these settings, however you can manually override these settings using the API for testing or other purposes.

Full Reference

`settings.aws.config`

The base64-encoded representation of data used to populate ~/.aws/config

Warning

Avoid adding a [profile default] section. Recent versions of aws-iam-authenticator (and perhaps other components) pick up the default credential settings when settings.aws.profile is set to default.

Default: A minimal configuration to enable or disable the AWS FIPS endpoints, depending on the variant flavor

Note

Bottlerocket FIPS variants are available all AWS and AWS GovCloud regions. However, in regions without FIPS support (those outside of the US and Canada), you must opt-out from using AWS FIPS endpoints by updating the settings.aws.confg API with the encoded AWS config to disable AWS FIPS endpoints. You can use the following values in your nodes to opt-out from using FIPS endpoints in AWS API calls.

[settings.aws]
config = "W2RlZmF1bHRdCnVzZV9maXBzX2VuZHBvaW50PWZhbHNl"

apiclient set settings.aws.config="W2RlZmF1bHRdCnVzZV9maXBzX2VuZHBvaW50PWZhbHNl"

The base64 string corresponds to the following configuration:

[default]
use_fips_endpoint=false

Also see:

ecr-credential-provider under settings.kubernetes.credential-providers

`settings.aws.credentials`

The base64-encoded representation of data used to populate ~/.aws/credentials

`settings.aws.profile`

The profile name to use for settings.aws.config and settings.aws.credentials.

Default: default

[settings.aws]
profile = myprofile

apiclient set settings.aws.profile=myprofile

`settings.aws.region`

The AWS region (e.g. us-west-2)

Default: The region is automatically inferred based on calls to the Instance MetaData Service (IMDS).

Note

You do not need to explicitly set setting.aws.region unless you have a reason to override this default value.

aws

Setting list for settings.aws

Full Reference

settings.aws.config

Warning

Note

settings.aws.credentials

settings.aws.profile

settings.aws.region

Note

Setting list for `settings.aws`

`settings.aws.config`

`settings.aws.credentials`

`settings.aws.profile`

`settings.aws.region`