From b68a70e4a7862dacfdd9dd1dce23ac34569ca516 Mon Sep 17 00:00:00 2001 From: SHASHIKANTH MADDINENI Date: Fri, 24 Feb 2023 11:34:38 -0500 Subject: [PATCH] Updating README on how to use Botocore to retrieve mount target ip address when dns name cannot be resolved --- docs/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/README.md b/docs/README.md index e029f01f4..f1a524a25 100644 --- a/docs/README.md +++ b/docs/README.md @@ -203,7 +203,9 @@ Before the example, you need to: * [Use Access Points](../examples/kubernetes/access_points/README.md) ## Using botocore to retrieve mount target ip address when dns name cannot be resolved -* EFS CSI driver by default comes with botocore library installed, which can resolve the DNS issue by providing a way to retrieve the IP address of the EFS mount targets but should allow the ```elasticfilesystem:DescribeMountTargets``` and ```ec2:DescribeAvailabilityZones``` action in your policy attached to the IAM role you attached to the instance, for example adding the policy in this manner, one can refer to the policy [here](https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/docs/iam-policy-example.json#L9-L10). +* EFS CSI driver supports using botocore to retrieve mount target ip address when dns name cannot be resolved, e.g., when user is mounting a file system in another VPC, botocore comes preinstalled on efs-csi-driver which can solve the DNS issue. +* IAM policy prerequisites to use this feature : + Allow ```elasticfilesystem:DescribeMountTargets``` and ```ec2:DescribeAvailabilityZones``` actions in your policy attached to the EKS service account role, refer to example policy [here](https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/docs/iam-policy-example.json#L9-L10). ## Development Please go through [CSI Spec](https://github.com/container-storage-interface/spec/blob/master/spec.md) and [Kubernetes CSI Developer Documentation](https://kubernetes-csi.github.io/docs) to get some basic understanding of CSI driver before you start.