github-mirrors/terraform-aws-eks
1
0
Fork 0
mirror of https://github.com/ysoftdevs/terraform-aws-eks.git synced 2026-03-26 11:21:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add support for networking ip_family which enables support for IPV6 (#1759)

Browse Source
This commit is contained in:
Bryant Biggs
2022-01-14 15:17:03 -05:00
committed by GitHub
parent cf985c2347
commit 314192e2eb
30 changed files with 197 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
modules/fargate-profile/main.tf
View File

@@ -1,8 +1,13 @@
data "aws_partition" "current" {}
data "aws_caller_identity" "current" {}
locals {
iam_role_name = coalesce(var.iam_role_name, var.name, "fargate-profile")
policy_arn_prefix = "arn:${data.aws_partition.current.partition}:iam::aws:policy"
iam_role_name = coalesce(var.iam_role_name, var.name, "fargate-profile")
iam_role_policy_prefix = "arn:${data.aws_partition.current.partition}:iam::aws:policy"
cni_policy = var.cluster_ip_family == "ipv6" ? "arn:${data.aws_partition.current.partition}:iam::${data.aws_caller_identity.current.account_id}:policy/AmazonEKS_CNI_IPv6_Policy" : "${local.iam_role_policy_prefix}/AmazonEKS_CNI_Policy"
}
################################################################################
@@ -40,7 +45,8 @@ resource "aws_iam_role" "this" {
resource "aws_iam_role_policy_attachment" "this" {
for_each = var.create && var.create_iam_role ? toset(compact(distinct(concat([
"${local.policy_arn_prefix}/AmazonEKSFargatePodExecutionRolePolicy",
"${local.iam_role_policy_prefix}/AmazonEKSFargatePodExecutionRolePolicy",
var.iam_role_attach_cni_policy ? local.cni_policy : "",
], var.iam_role_additional_policies)))) : toset([])
policy_arn = each.value