Hi all, Since Juju creates a security group per model (and applies it to all instances in that model) it makes it really easy to enable/disable features for all applications in a single model. One such feature is AWS EFS (NFS aaS) which just needs to know which Security Groups can mount that EFS endpoint.
There's a problem, however, when tearing down and standing up lots of models in a months time. EFS only allows 5 Security Groups. So if you wanted more than five Kubernetes clusters to access a single mount you need to start editing all the AWS instances to share that Security Group manually. When it comes to scaling operations this can be tedious. I know there are configurations for VPC-ID - is there also a similar security-group setting where either the default model SG will be set based on user input instead of created or a setting where an additional "model" security group can be set so instances have it in addition to the model/instance security group? Thanks, Marco Ceppi
-- Juju mailing list Juju@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju
