allow specifying an IAM role for each worker group (#137)

* allow creating an IAM role for each worker group

* moved change from 'changed' to 'added'

* create multiple roles not just profiles

* fix config_map_aws_auth generation

* don't duplicate worker-role templating

* specify ARNs for worker groups individually

todo fix aws_auth configmap

* fixed AWS auth

* fix aws_iam_instance_profile.workers name
fix iam_instance_profile fallback

* fix outputs

* fix iam_instance_profile calculation

* hopefully fix aws auth configmap generation

* manually fill out remainder of arn

* remove depends_on in worker_role_arns template file

this was causing resources to be recreated every time

* fmt

* fix typo, move iam_role_id default to defaults map
Andrew Lavery
2018-09-24 07:08:35 -07:00
committed by Max Williams
parent b6f6a82352
commit b623bc234a
8 changed files with 27 additions and 12 deletions


@@ -26,7 +26,7 @@ resource "aws_launch_configuration" "workers" {
name_prefix = "${aws_eks_cluster.this.name}-${lookup(var.worker_groups[count.index], "name", count.index)}"
associate_public_ip_address = "${lookup(var.worker_groups[count.index], "public_ip", lookup(local.workers_group_defaults, "public_ip"))}"
security_groups = ["${local.worker_security_group_id}", "${var.worker_additional_security_group_ids}", "${compact(split(",",lookup(var.worker_groups[count.index],"additional_security_group_ids",lookup(local.workers_group_defaults, "additional_security_group_ids"))))}"]
iam_instance_profile = "${aws_iam_instance_profile.workers.id}"
iam_instance_profile = "${element(aws_iam_instance_profile.workers.*.id, count.index)}"
image_id = "${lookup(var.worker_groups[count.index], "ami_id", lookup(local.workers_group_defaults, "ami_id"))}"
instance_type = "${lookup(var.worker_groups[count.index], "instance_type", lookup(local.workers_group_defaults, "instance_type"))}"
key_name = "${lookup(var.worker_groups[count.index], "key_name", lookup(local.workers_group_defaults, "key_name"))}"
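Review bot: `element(aws_iam_instance_profile.workers.*.id, count.index)` wraps around when the index exceeds the list length, so if the launch configuration's count ever differs from the number of instance profiles, a worker group would silently receive another group's profile and with it that group's IAM permissions. The profile resource shown further down is counted by `var.worker_group_count`; the launch configuration's own `count` is outside this hunk, so confirm both use the same expression. A comment above the new line would record the invariant, e.g. `# one instance profile per worker group; element() wraps, so this count must equal the profile count`. The `aws_launch_configuration` block starts and ends outside the hunk.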
@@ -97,7 +97,8 @@ resource "aws_iam_role" "workers" {
resource "aws_iam_instance_profile" "workers" {
name_prefix = "${aws_eks_cluster.this.name}"
role = "${aws_iam_role.workers.name}"
role = "${lookup(var.worker_groups[count.index], "iam_role_id", lookup(local.workers_group_defaults, "iam_role_id"))}"
count = "${var.worker_group_count}"
}
resource "aws_iam_role_policy_attachment" "workers_AmazonEKSWorkerNodePolicy" {