github-mirrors/terraform-aws-eks
1
0
Fork 0
mirror of https://github.com/ysoftdevs/terraform-aws-eks.git synced 2026-04-25 10:08:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add tags on additional IAM resources like IAM policies, instance profile, OIDC provider (#1321)

Browse Source
This commit is contained in:
Ivan Sukhomlyn
2021-05-04 22:55:49 +03:00
committed by GitHub
parent 2a78efd082
commit c12c186432
7 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@@ -145,7 +145,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.1 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.22.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.35.0 |
| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 1.11.1 |
| <a name="requirement_local"></a> [local](#requirement\_local) | >= 1.4 |
| <a name="requirement_null"></a> [null](#requirement\_null) | >= 2.1 |
@@ -156,7 +156,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.22.0 |
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.35.0 |
| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | >= 1.11.1 |
| <a name="provider_local"></a> [local](#provider\_local) | >= 1.4 |
| <a name="provider_null"></a> [null](#provider\_null) | >= 2.1 |

1
cluster.tf
View File

@@ -170,6 +170,7 @@ resource "aws_iam_policy" "cluster_elb_sl_role_creation" {
description = "Permissions for EKS to create AWSServiceRoleForElasticLoadBalancing service-linked role"
policy = data.aws_iam_policy_document.cluster_elb_sl_role_creation[0].json
path = var.iam_path
tags = var.tags
}
resource "aws_iam_role_policy_attachment" "cluster_elb_sl_role_creation" {

1
docs/autoscaling.md
View File

@@ -21,6 +21,7 @@ resource "aws_iam_policy" "worker_autoscaling" {
description = "EKS worker node autoscaling policy for cluster ${module.my_cluster.cluster_id}"
policy = data.aws_iam_policy_document.worker_autoscaling.json
path = var.iam_path
tags = var.tags
}
data "aws_iam_policy_document" "worker_autoscaling" {

7
irsa.tf
View File

@@ -12,4 +12,11 @@ resource "aws_iam_openid_connect_provider" "oidc_provider" {
client_id_list = [local.sts_principal]
thumbprint_list = [var.eks_oidc_root_ca_thumbprint]
url = flatten(concat(aws_eks_cluster.this[*].identity[*].oidc.0.issuer, [""]))[0]
tags = merge(
{
Name = "${var.cluster_name}-eks-irsa"
},
var.tags
)
}

2
versions.tf
View File

@@ -2,7 +2,7 @@ terraform {
required_version = ">= 0.13.1"
required_providers {
aws = ">= 3.22.0"
aws = ">= 3.35.0"
local = ">= 1.4"
null = ">= 2.1"
template = ">= 2.1"

1
workers.tf
View File

@@ -453,6 +453,7 @@ resource "aws_iam_instance_profile" "workers" {
)
path = var.iam_path
tags = var.tags
lifecycle {
create_before_destroy = true

1
workers_launch_template.tf
View File

@@ -563,6 +563,7 @@ resource "aws_iam_instance_profile" "workers_launch_template" {
local.default_iam_role_id,
)
path = var.iam_path
tags = var.tags
lifecycle {
create_before_destroy = true