Skip to content

feat: allow callers to specify custom IAM path for instance profiles#9120

Open
DerekFrank wants to merge 1 commit intoaws:mainfrom
DerekFrank:instance-profile-sweeping
Open

feat: allow callers to specify custom IAM path for instance profiles#9120
DerekFrank wants to merge 1 commit intoaws:mainfrom
DerekFrank:instance-profile-sweeping

Conversation

@DerekFrank
Copy link
Copy Markdown
Contributor

@DerekFrank DerekFrank commented Apr 28, 2026
edited
Loading

Fixes #N/A

Description

  • Changes instanceprofile.Provider.Create() to accept a path string parameter instead of usePath bool
  • When path is non-empty, it is set directly on the CreateInstanceProfile input, allowing downstream consumers to specify custom IAM path prefixes
  • The upstream karpenter-provider-aws caller now explicitly passes the /karpenter/{region}/{clusterName}/{nodeClassUID}/ path string

How was this change tested?

make presubmit

Does this change impact docs?

  • Yes, PR includes docs updates
  • Yes, issue opened: #
  • No

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@DerekFrank DerekFrank requested a review from a team as a code owner April 28, 2026 20:24
@DerekFrank DerekFrank requested a review from jigisha620 April 28, 2026 20:25
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 28, 2026
edited
Loading

Preview deployment ready!

Preview URL: https://pr-9120.d18coufmbnnaag.amplifyapp.com

Built from commit 60a51c6a83f13492724bf9d979f38f02fa69db74

@DerekFrank DerekFrank marked this pull request as draft April 28, 2026 20:40
@DerekFrank DerekFrank force-pushed the instance-profile-sweeping branch 3 times, most recently from eedc8e8 to 60a51c6 Compare April 28, 2026 21:39
@DerekFrank DerekFrank marked this pull request as ready for review April 30, 2026 00:06
jigisha620
jigisha620 reviewed Apr 30, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@jigisha620 jigisha620 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ListClusterProfiles and ListNodeClassProfiles still use the old path so if the downstream consumers use a different path then the garbage collector will not be able to find orphaned profiles.

Comment thread pkg/providers/instanceprofile/instanceprofile.go Outdated
Comment thread pkg/providers/instanceprofile/suite_test.go Outdated
@jigisha620 jigisha620 self-assigned this Apr 30, 2026
@DerekFrank
feat: allow callers to specify custom IAM path for instance profiles
4a61b52 
Change the Create() method signature from accepting a usePath bool
to accepting a path string. When non-empty, the path is set directly
on the CreateInstanceProfile input. This allows downstream consumers
(e.g. EKS Auto) to use a custom IAM path prefix like /eks/ instead
of the hardcoded /karpenter/ prefix.

The upstream karpenter-provider-aws caller now explicitly passes the
/karpenter/{region}/{clusterName}/{nodeClassUID}/ path string.
@DerekFrank DerekFrank force-pushed the instance-profile-sweeping branch from 60a51c6 to 4a61b52 Compare May 8, 2026 23:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jigisha620 jigisha620 jigisha620 left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@jigisha620 jigisha620

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@DerekFrank @jigisha620