Allow to set user defined workers role name (#496)

* Allow to set user defined workers role name

* Add changelog entry

* Keep single variable for worker role name
Ivanich
2019-09-12 18:45:04 +03:00
committed by Max Williams
parent 4264a5fe6e
commit a47f464221
4 changed files with 10 additions and 1 deletions


@@ -18,6 +18,7 @@ project adheres to [Semantic Versioning](http://semver.org/).
- Updated `local.spot_allocation_strategy` docstring to indicate availability of new `capacity-optimized` option. (by @sc250024)
- Added support for initial lifecycle hooks for autosacling groups (@barryib)
- Added option to recreate ASG when LT or LC changes (by @barryib)
- Ability to specify workers role name (by @ivanich)
### Changed


@@ -135,6 +135,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
| manage\_aws\_auth | Whether to apply the aws-auth configmap file. | string | `"true"` | no |
| manage\_cluster\_iam\_resources | Whether to let the module manage cluster IAM resources. If set to false, cluster_iam_role_name must be specified. | bool | `"true"` | no |
| manage\_worker\_iam\_resources | Whether to let the module manage worker IAM resources. If set to false, iam_instance_profile_name must be specified for workers. | bool | `"true"` | no |
| workers\_role\_name | User defined workers role name. | sting | `""` | no |
| map\_accounts | Additional AWS account numbers to add to the aws-auth configmap. See examples/basic/variables.tf for example format. | list(string) | `[]` | no |
| map\_roles | Additional IAM roles to add to the aws-auth configmap. See examples/basic/variables.tf for example format. | list(map(string)) | `[]` | no |
| map\_users | Additional IAM users to add to the aws-auth configmap. See examples/basic/variables.tf for example format. | list(map(string)) | `[]` | no |


@@ -251,3 +251,9 @@ variable "manage_worker_iam_resources" {
type = bool
default = true
}
variable "workers_role_name" {
description = "User defined workers role name."
type = string
default = ""
}
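Review bot: The description `User defined workers role name.` on the new `workers_role_name` variable leaves out everything a caller needs to set it safely. It does not say that the empty default keeps the generated name, and the role's `count = var.manage_worker_iam_resources ? 1 : 0` means the value has no effect when the module is not managing worker IAM resources. I would write `description = "Name for the workers IAM role. Leave empty to generate one from the cluster name. Only used when manage_worker_iam_resources is true; must be unique within the AWS account and within the IAM role-name length limit."`. The README row for this variable should carry the same text, and its type column reads `sting` where `string` is meant.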


@@ -314,7 +314,8 @@ resource "aws_security_group_rule" "workers_ingress_cluster_https" {
resource "aws_iam_role" "workers" {
count = var.manage_worker_iam_resources ? 1 : 0
name_prefix = aws_eks_cluster.this.name
name_prefix = var.workers_role_name != "" ? null : aws_eks_cluster.this.name
name = var.workers_role_name != "" ? var.workers_role_name : null
assume_role_policy = data.aws_iam_policy_document.workers_assume_role_policy.json
permissions_boundary = var.permissions_boundary
path = var.iam_path
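Review bot: The new `name_prefix` and `name` arguments of `aws_iam_role.workers` each repeat the `var.workers_role_name != ""` test, and nothing tells the next maintainer why one of them must always be null. The provider treats the two arguments as conflicting, so a comment above the pair such as `# name and name_prefix conflict: exactly one may be non-null` would prevent a well-meant simplification from breaking the plan. A fixed name also drops the unique suffix that `name_prefix` provided, so a second cluster in the same account reusing the value would presumably fail at role creation rather than get its own role. The resource block continues past the end of this hunk, so any lifecycle settings that interact with a fixed name are not visible here.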