1. Arpio Documentation
  2. Reference Guides
  3. Arpio Configuration Tag Reference

arpio-config:recovery-principal-arn

Indicates the principal ARN that an EKS Access Entry should point to in the recovery environment

arpio-config:recovery-principal-arn = <principal-arn>

<principal-arn>

ARN of an IAM user or role that exists in the recovery environment

Supported Resources

  • EKS Access Entries

Description

By default, Arpio will translate principal ARN values on EKS Access Entries from the primary environment to their counterpart in the recovery environment if the ARN references an IAM role that Arpio is managing.  However, if an Access Entry references an IAM user or an AWS-managed SSO role in the source environment, Arpio cannot translate these and brings them across to the recovery environment as-is. 

This config tag allows the recovery principal ARN to be explicitly indicated as a tag on the Access Entry in the source environment.

Examples

Tag

Value

arpio-config:recovery-principal-arn

arn:aws:iam::111111111111:role/aws-reserved/sso.amazonaws.com/AWSReservedSSO_MyTeam_1234