github-mirrors/terraform-aws-eks
1
0
Fork 0
mirror of https://github.com/ysoftdevs/terraform-aws-eks.git synced 2026-01-16 00:34:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add auto discovery permission of cluster endpoint to Karpenter role (#2451)

Browse Source 
Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
This commit is contained in:
Lukas Wöhrl
2023-02-15 22:02:27 +01:00
committed by GitHub
parent 07653b6249
commit c4a4b8afe3
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
modules/karpenter/main.tf
View File

@@ -131,6 +131,11 @@ data "aws_iam_policy_document" "irsa" {
resources = var.irsa_ssm_parameter_arns resources = var.irsa_ssm_parameter_arns
} }
statement {
actions = ["eks:DescribeCluster"]
resources = ["arn:${local.partition}:eks:*:${local.account_id}:cluster/${var.cluster_name}"]
}
statement { statement {
actions = ["iam:PassRole"] actions = ["iam:PassRole"]
resources = [var.create_iam_role ? aws_iam_role.this[0].arn : var.iam_role_arn] resources = [var.create_iam_role ? aws_iam_role.this[0].arn : var.iam_role_arn]