mirror of
https://github.com/optim-enterprises-bv/kubernetes.git
synced 2026-01-08 16:21:50 +00:00
18b16be622
Automatic merge from submit-queue (batch tested with PRs 65187, 65206, 65223, 64752, 65238). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Fixed detection of inaccessible AWS encryption key. AWS provisioner now checks if created encrypted volume gets "Available" or it gets silently deleted by AWS because StorageClass referenced invalid (e.g. non-existing) KMS key for encryption. This seems to be the only way how to detect such invalid key, because Kubernetes may not have enough permission to check if the key exists. **Which issue(s) this PR fixes** Fixes #62171 **Special notes for your reviewer**: **Release note**: ```release-note AWS now checks for validity of ecryption key when creating encrypted volumes. Dynamic provisioning of encrypted volume may get slower due to these checks. ``` /sig aws /sig storage @kubernetes/sig-aws-misc