github-mirrors/terraform-aws-eks
1
0
Fork 0
mirror of https://github.com/ysoftdevs/terraform-aws-eks.git synced 2026-01-11 22:41:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add irsa_tag_values variable (#2584)

Browse Source
This commit is contained in:
Tung Nguyen
2023-05-17 07:04:11 -07:00
committed by GitHub
parent 0f9d9fac93
commit aa3bdf1c19
3 changed files with 13 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
modules/karpenter/README.md
View File

@@ -168,6 +168,7 @@ No modules.
| <a name="input_irsa_ssm_parameter_arns"></a> [irsa\_ssm\_parameter\_arns](#input\_irsa\_ssm\_parameter\_arns) | List of SSM Parameter ARNs that contain AMI IDs launched by Karpenter | `list(string)` | <pre>[<br> "arn:aws:ssm:*:*:parameter/aws/service/*"<br>]</pre> | no |
| <a name="input_irsa_subnet_account_id"></a> [irsa\_subnet\_account\_id](#input\_irsa\_subnet\_account\_id) | Account ID of where the subnets Karpenter will utilize resides. Used when subnets are shared from another account | `string` | `""` | no |
| <a name="input_irsa_tag_key"></a> [irsa\_tag\_key](#input\_irsa\_tag\_key) | Tag key (`{key = value}`) applied to resources launched by Karpenter through the Karpenter provisioner | `string` | `"karpenter.sh/discovery"` | no |
| <a name="input_irsa_tag_values"></a> [irsa\_tag\_values](#input\_irsa\_tag\_values) | Tag values (`{key = value}`) applied to resources launched by Karpenter through the Karpenter provisioner. Defaults to cluster name when not set. | `list(string)` | `null` | no |
| <a name="input_irsa_tags"></a> [irsa\_tags](#input\_irsa\_tags) | A map of additional tags to add the the IAM role for service accounts | `map(any)` | `{}` | no |
| <a name="input_irsa_use_name_prefix"></a> [irsa\_use\_name\_prefix](#input\_irsa\_use\_name\_prefix) | Determines whether the IAM role for service accounts name (`irsa_name`) is used as a prefix | `bool` | `true` | no |
| <a name="input_policies"></a> [policies](#input\_policies) | Policies to attach to the IAM role in `{'static_name' = 'policy_arn'}` format | `map(string)` | `{}` | no |

8
modules/karpenter/main.tf
View File

@@ -63,6 +63,10 @@ resource "aws_iam_role" "irsa" {
tags = merge(var.tags, var.irsa_tags)
}
locals {
irsa_tag_values = coalescelist([var.cluster_name], var.irsa_tag_values)
}
data "aws_iam_policy_document" "irsa" {
count = local.create_irsa ? 1 : 0
@@ -97,7 +101,7 @@ data "aws_iam_policy_document" "irsa" {
condition {
test = "StringEquals"
variable = "ec2:ResourceTag/${var.irsa_tag_key}"
values = [var.cluster_name]
values = local.irsa_tag_values
}
}
@@ -110,7 +114,7 @@ data "aws_iam_policy_document" "irsa" {
condition {
test = "StringEquals"
variable = "ec2:ResourceTag/${var.irsa_tag_key}"
values = [var.cluster_name]
values = local.irsa_tag_values
}
}

6
modules/karpenter/variables.tf
View File

@@ -86,6 +86,12 @@ variable "irsa_tag_key" {
default = "karpenter.sh/discovery"
}
variable "irsa_tag_values" {
description = "Tag values (`{key = value}`) applied to resources launched by Karpenter through the Karpenter provisioner. Defaults to cluster name when not set."
type = list(string)
default = null
}
variable "irsa_ssm_parameter_arns" {
description = "List of SSM Parameter ARNs that contain AMI IDs launched by Karpenter"
type = list(string)