# Patch CoreDNS This documemt gives list of steps to deploy credspec resources and gMSA webhook. *Set Working Directory to ./amazon-eks-gmsa/eks-deployments/patch-coredns* ```powershell $directoryName = aws ssm get-parameter --name $directoryNameParam --query "Parameter.Value" --output text ./Patch-Coredns.ps1 -ActiveDirectoryDNS "$directoryName" -DNSServerIPs $dnsIPAddresses.Replace(',',' ') ``` # Verify the coredns configfile has patched ```powershell # Command to verify coredns configmap kubectl get configmap coredns -n kube-system -o yaml # The sample configmap for Kubernetes 1.16 and 1.17 apiVersion: v1 data: Corefile: | .:53 { errors health kubernetes cluster.local in-addr.arpa ip6.arpa { pods insecure upstream fallthrough in-addr.arpa ip6.arpa } prometheus :9153 forward . /etc/resolv.conf cache 30 loop reload loadbalance } <>:53 { errors cache 30 forward . <> <> } kind: ConfigMap # The sample configmap starting from Kubernetes 1.18 # Note that the keyword "upstream" is deprecated starting from Kubernetes 1.18, # refer to https://github.com/aws/containers-roadmap/issues/1115 for more detail apiVersion: v1 data: Corefile: | .:53 { errors health kubernetes cluster.local in-addr.arpa ip6.arpa { pods insecure fallthrough in-addr.arpa ip6.arpa } prometheus :9153 forward . /etc/resolv.conf cache 30 loop reload loadbalance } <>:53 { errors cache 30 forward . <> <> } kind: ConfigMap ```