Support custom IAM roles for cluster and workers (#338)

* allow specifying custom worker IAM instance profiles * allow specifying custom cluster IAM role * add doc * update changelog * use data.aws_iam_instance_profile.name
2026-03-24 02:11:04 +01:00 · 2019-05-07 05:46:06 -07:00
parent 613fb1ca96
commit 959e5330e3
10 changed files with 62 additions and 14 deletions
--- a/variables.tf
+++ b/variables.tf
@@ -257,3 +257,18 @@ variable "cluster_endpoint_public_access" {
  description = "Indicates whether or not the Amazon EKS public API server endpoint is enabled."
  default     = true
 }
+
+variable "manage_cluster_iam_resources" {
+  description = "Whether to let the module manage cluster IAM resources. If set to false, cluster_iam_role_name must be specified."
+  default     = true
+}
+
+variable "cluster_iam_role_name" {
+  description = "IAM role name for the cluster. Only applicable if manage_cluster_iam_resources is set to false."
+  default     = ""
+}
+
+variable "manage_worker_iam_resources" {
+  description = "Whether to let the module manage worker IAM resources. If set to false, iam_instance_profile_name must be specified for workers."
+  default     = true
+}