Document the need to associate IAM role with migrations pod
What does this MR do?
GitLab 17.0 introduced a change that caused any GitLab Rails process
to make HTTP calls to Elasticsearch, if it were configured
(gitlab-org/gitlab!149209 (merged)). If
the migrations pod did not have IAM access, then the pod would
abruptly crash while trying to run the custom-instance-setup
script.
For good measure, let's include the migrations
pod in the list of
pods for IAM access, even though this issue might go away in GitLab
17.4. Admins have to ensure that the trust policy is defined for these
service accounts, so link the AWS documentation.
Related issues
Relates to gitlab-org/gitlab#480405 (closed)
Author checklist
For general guidance, please follow our Contributing guide.
Required
For anything in this list which will not be completed, please provide a reason in the MR discussion.
-
Merge Request Title and Description are up to date, accurate, and descriptive. -
MR targeting the appropriate branch. -
MR has a green pipeline. -
Documentation created/updated. -
Tests added/updated, and test plan for scenarios not covered by automated tests. -
Equivalent MR/issue for omnibus-gitlab opened.
Reviewers checklist
-
MR has a green pipeline on https://gitlab.com/gitlab-org/charts/gitlab. -
Consider downstream impact to the Operator, as per evaluating impact from changes to GitLab Chart.