mirror of
https://github.com/ysoftdevs/terraform-aws-eks.git
synced 2026-02-24 19:44:49 +01:00
iam policy updated
This commit is contained in:
brandoconnor
@@ -13,7 +13,7 @@ install:
|
||||
- bundle install
|
||||
before_script:
|
||||
- echo 'before_script'
|
||||
- export AWS_REGION='us-west-2'
|
||||
- export AWS_REGION='us-east-1'
|
||||
- export TF_VAR_region=${AWS_REGION}
|
||||
- echo "using AWS_REGION=${AWS_REGION}"
|
||||
- export TF_WARN_OUTPUT_ERRORS=1
|
||||
|
||||
@@ -14,10 +14,89 @@ The following IAM policy is the minimum needed to execute the module from the te
|
||||
"Version": "2012-10-17",
|
||||
"Statement": [
|
||||
{
|
||||
"Sid": "Stmt1507789535000",
|
||||
"Sid": "VisualEditor0",
|
||||
"Effect": "Allow",
|
||||
"Action": [],
|
||||
"Resource": ["*"]
|
||||
"Action": [
|
||||
"autoscaling:AttachInstances",
|
||||
"autoscaling:CreateAutoScalingGroup",
|
||||
"autoscaling:CreateLaunchConfiguration",
|
||||
"autoscaling:CreateOrUpdateTags",
|
||||
"autoscaling:DeleteAutoScalingGroup",
|
||||
"autoscaling:DeleteLaunchConfiguration",
|
||||
"autoscaling:DeleteTags",
|
||||
"autoscaling:Describe*",
|
||||
"autoscaling:DetachInstances",
|
||||
"autoscaling:SetDesiredCapacity",
|
||||
"autoscaling:UpdateAutoScalingGroup",
|
||||
"ec2:AllocateAddress",
|
||||
"ec2:AssignPrivateIpAddresses",
|
||||
"ec2:Associate*",
|
||||
"ec2:AttachInternetGateway",
|
||||
"ec2:AttachNetworkInterface",
|
||||
"ec2:AuthorizeSecurityGroupEgress",
|
||||
"ec2:AuthorizeSecurityGroupIngress",
|
||||
"ec2:CreateDefaultSubnet",
|
||||
"ec2:CreateDhcpOptions",
|
||||
"ec2:CreateEgressOnlyInternetGateway",
|
||||
"ec2:CreateInternetGateway",
|
||||
"ec2:CreateNatGateway",
|
||||
"ec2:CreateNetworkInterface",
|
||||
"ec2:CreateRoute",
|
||||
"ec2:CreateRouteTable",
|
||||
"ec2:CreateSecurityGroup",
|
||||
"ec2:CreateSubnet",
|
||||
"ec2:CreateTags",
|
||||
"ec2:CreateVolume",
|
||||
"ec2:CreateVpc",
|
||||
"ec2:DeleteDhcpOptions",
|
||||
"ec2:DeleteEgressOnlyInternetGateway",
|
||||
"ec2:DeleteInternetGateway",
|
||||
"ec2:DeleteNatGateway",
|
||||
"ec2:DeleteNetworkInterface",
|
||||
"ec2:DeleteRoute",
|
||||
"ec2:DeleteRouteTable",
|
||||
"ec2:DeleteSecurityGroup",
|
||||
"ec2:DeleteSubnet",
|
||||
"ec2:DeleteTags",
|
||||
"ec2:DeleteVolume",
|
||||
"ec2:DeleteVpc",
|
||||
"ec2:DeleteVpnGateway",
|
||||
"ec2:Describe*",
|
||||
"ec2:DetachInternetGateway",
|
||||
"ec2:DetachNetworkInterface",
|
||||
"ec2:DetachVolume",
|
||||
"ec2:Disassociate*",
|
||||
"ec2:ModifyVpcAttribute",
|
||||
"ec2:ModifyVpcEndpoint",
|
||||
"ec2:UpdateSecurityGroupRuleDescriptionsEgress",
|
||||
"ec2:UpdateSecurityGroupRuleDescriptionsIngress",
|
||||
"eks:CreateCluster",
|
||||
"eks:DeleteCluster",
|
||||
"eks:DescribeCluster",
|
||||
"eks:ListClusters",
|
||||
"iam:AddRoleToInstanceProfile",
|
||||
"iam:AttachRolePolicy",
|
||||
"iam:CreateInstanceProfile",
|
||||
"iam:CreatePolicy",
|
||||
"iam:CreatePolicyVersion",
|
||||
"iam:CreateRole",
|
||||
"iam:DeleteInstanceProfile",
|
||||
"iam:DeletePolicy",
|
||||
"iam:DeleteRole",
|
||||
"iam:DeleteRolePolicy",
|
||||
"iam:DeleteServiceLinkedRole",
|
||||
"iam:DetachRolePolicy",
|
||||
"iam:GetInstanceProfile",
|
||||
"iam:GetPolicy",
|
||||
"iam:GetPolicyVersion",
|
||||
"iam:GetRole",
|
||||
"iam:GetRolePolicy",
|
||||
"iam:List*",
|
||||
"iam:PutRolePolicy",
|
||||
"iam:RemoveRoleFromInstanceProfile",
|
||||
"iam:UpdateAssumeRolePolicy"
|
||||
],
|
||||
"Resource": "*"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@@ -1,26 +0,0 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIETjCCAzagAwIBAgIJALi9NaeI/EcpMA0GCSqGSIb3DQEBBQUAMHcxCzAJBgNV
|
||||
BAYTAkdCMQ8wDQYDVQQIEwZMb25kb24xDzANBgNVBAcTBkxvbmRvbjEYMBYGA1UE
|
||||
ChMPR2xvYmFsIFNlY3VyaXR5MRYwFAYDVQQLEw1JVCBEZXBhcnRtZW50MRQwEgYD
|
||||
VQQDEwtleGFtcGxlLmNvbTAeFw0xNzA5MjcyMTIwNDlaFw0yNzA5MjUyMTIwNDla
|
||||
MHcxCzAJBgNVBAYTAkdCMQ8wDQYDVQQIEwZMb25kb24xDzANBgNVBAcTBkxvbmRv
|
||||
bjEYMBYGA1UEChMPR2xvYmFsIFNlY3VyaXR5MRYwFAYDVQQLEw1JVCBEZXBhcnRt
|
||||
ZW50MRQwEgYDVQQDEwtleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
||||
ADCCAQoCggEBALAthQw1LG3Q7n8jroaBneqLgSyBMXxpilrWG7oYaNcCt3dY4FF0
|
||||
RWp2R+suMB7ObaWZwzIPseYD1M1IJoyeafSCmH/UCHsIaXUyTE9Ml69hxTA+3R4e
|
||||
mO1mPOQ71dheQ0iX34NviiwhQIDJYGRHPYZTeJ2Y/yWQUw3tthYrE9KvYWx6UhXw
|
||||
0PbBdHgl6bE/cqARua+Y4jOZO4jRDIwzKOxtK86uhWNBdrrLVNMY6kaNdO40wiZk
|
||||
b+Q2YrMyvVUUFdE2TljyLqYgPsTvb8Yxh6h9WGqnY8Fg1aYelp98NFd9fVw/Wuqx
|
||||
3Ub0o8Kpnfi+u5Phg5PewF5OoQTGxRLVpJMCAwEAAaOB3DCB2TAdBgNVHQ4EFgQU
|
||||
8pucEK8IGWVRbp8cndsPrMoo5mYwgakGA1UdIwSBoTCBnoAU8pucEK8IGWVRbp8c
|
||||
ndsPrMoo5mahe6R5MHcxCzAJBgNVBAYTAkdCMQ8wDQYDVQQIEwZMb25kb24xDzAN
|
||||
BgNVBAcTBkxvbmRvbjEYMBYGA1UEChMPR2xvYmFsIFNlY3VyaXR5MRYwFAYDVQQL
|
||||
Ew1JVCBEZXBhcnRtZW50MRQwEgYDVQQDEwtleGFtcGxlLmNvbYIJALi9NaeI/Ecp
|
||||
MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAK2mwg87BWPuYPkQBESQ
|
||||
wUiX1L37VGuEjewda1o697OPTD9tWM2IuVjAYKIVx/oTwBwgMzlY8KjfceRYfrTg
|
||||
YEP9EQ+5KknzgFYC+/SF9ugVke5/JICKQoOqBLboETTTgeYpSlFfKz97nXCAbMVN
|
||||
/lYB9TCUZ/SdA76ZpIMR0uYH2mCspChWtYjPV9Z8PEwK7EmFuTQS1X/1Oa7O03vC
|
||||
SU4GiONs7MxJoCrMo/xB6yGDM5NiE6ZqljmQ2238GQ99/VyGMn5uVDpZmXH6dMln
|
||||
ofEU4fh6sbJvs19KNz9Ql31F0U+hq593T50V8iV+TccBB5ifqfjOnFKmljDjFYeZ
|
||||
0bg=
|
||||
-----END CERTIFICATE-----
|
||||
@@ -1,27 +0,0 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEAsC2FDDUsbdDufyOuhoGd6ouBLIExfGmKWtYbuhho1wK3d1jg
|
||||
UXRFanZH6y4wHs5tpZnDMg+x5gPUzUgmjJ5p9IKYf9QIewhpdTJMT0yXr2HFMD7d
|
||||
Hh6Y7WY85DvV2F5DSJffg2+KLCFAgMlgZEc9hlN4nZj/JZBTDe22FisT0q9hbHpS
|
||||
FfDQ9sF0eCXpsT9yoBG5r5jiM5k7iNEMjDMo7G0rzq6FY0F2ustU0xjqRo107jTC
|
||||
JmRv5DZiszK9VRQV0TZOWPIupiA+xO9vxjGHqH1YaqdjwWDVph6Wn3w0V319XD9a
|
||||
6rHdRvSjwqmd+L67k+GDk97AXk6hBMbFEtWkkwIDAQABAoIBACHCNzJlpgPM+0Zl
|
||||
gfXINIhS/weWIfNjDd3mFR4Nu1kn7hvybdlt3DdQPuuzyAi/KYeH9T1MgJxAs7A6
|
||||
WRis6kSuGaa07IMW045fevvfA1nZ9D0QbrJszoT/CD/7rzhsp5vrbirzXpiiLof/
|
||||
Dndop0NsDzqzrIB4LVIH8NJCouPF4eibhb4XQwvCkG05pvlkeK4OJugF/CpgrJlX
|
||||
GiXDTZ8Lh/fBXeFpCfcBlgTCPkxcZtuNeddTlEJpY6q8QdofvfpjXmpfQ+63FL5t
|
||||
GTpoWNtO+UIqwHFQgoH6zGR8bMBx0/FLqrJ8Cq6nj7+uLODGAf4+dJ0m+Cz5t3Om
|
||||
aHgJWEECgYEA4nXD/FS+Wy69dVei8imp3/x+v0/T4LXf8l8NI/Dzvdg82xU1AgZH
|
||||
OKqTC2z/z4e+5EAF27kJeOBdh7kqPAF9KMHtd3FsxiYK4RpDlR6JFzHH8h8+v8c/
|
||||
Egg0WiXgnqfePHbS+q5wxPloReJm+ue4eSBzR6qyQbtfH0Qp+NIHGkMCgYEAxyir
|
||||
CMmI3v1u70V9NtNOlt5O1JNy47iUaLgvEJXBPsD+JYWgs4nY8gZcy+Yx1LBRqMbi
|
||||
LojOUGKGK6jcLOHjVBW9WJoFtTDN59lba5ryNW9AQOJsdeeaPttpWiFID5K0KTno
|
||||
kGHzxQjioSnP+mDV7jaXZSNcvYGWVRSabkRwb3ECgYA/mBqlbZbXPFTv8uBLaO/P
|
||||
erSNPPmfDPQKuC6UfUG1elf8ngP4wZKWkzAf8UgVG2W760652UiTrU4WoyT9HN3s
|
||||
6Cirdiq5qk070YhRA/YzkUM49xVD/cv0YGFzP1fIthNun1+4DeyVJAToOx/4LcJc
|
||||
IYS+B21vkBKyUQ4IVdKwyQKBgGBq3+KxLwJFz58nFSelxTZlCeUAPW7hvXe1M5Pj
|
||||
7FplNKUVvGcvJUiGrAZKu3Usp1v+bSH6OWfRSwN4DJ/t/BCJNdHfP0QpDIZiRFAk
|
||||
A367DXBcLgYmyhYEQ0zPMAPaEj6jOmQsB8gsNQuxIm8k0m0xILpmFE/qnM0z3E/l
|
||||
8kkBAoGAJJQgk6dl2rlbZGZvjhVKWNmA8LBJWg28r9/6VWSwYNHSPmcReGvhAflg
|
||||
5vY9yRIuJXc1Dfq57dIpX8OaH2n/Txgs/895NvpUk/AlqQiMrCKUO3M4wAA0/kNx
|
||||
RHgT16B9lRxvTaaH8Eh5/YMHp8afrOVEwVIMMCZlWii+PbKFyM4=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -74,4 +74,5 @@ module "eks" {
|
||||
vpc_id = "${module.vpc.vpc_id}"
|
||||
workers_ami_id = "${data.aws_ami.eks_worker.id}"
|
||||
cluster_ingress_cidrs = ["${local.workstation_external_cidr}"]
|
||||
workers_instance_type = "t2.micro"
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user