Skip to main content
Version: v1.7

AWS IAM-EKS-ROLE

Description

Terraform module which creates IAM resources on AWS

Specification

Properties

NameDescriptionTypeRequiredDefault
cluster_service_accountsEKS cluster and k8s ServiceAccount pairs. Each EKS cluster can have multiple k8s ServiceAccount. See README for detailsmap(list(string))false
create_roleWhether to create a roleboolfalse
force_detach_policiesWhether policies should be detached from this role when destroyingboolfalse
max_session_durationMaximum CLI/API session duration in seconds between 3600 and 43200numberfalse
provider_url_sa_pairsOIDC provider URL and k8s ServiceAccount pairs. If the assume role policy requires a mix of EKS clusters and other OIDC providers then this can be usedmap(list(string))false
role_descriptionIAM Role descriptionstringfalse
role_nameName of IAM rolestringfalse
role_name_prefixIAM role name prefixstringfalse
role_pathPath of IAM rolestringfalse
role_permissions_boundary_arnPermissions boundary ARN to use for IAM rolestringfalse
role_policy_arnsARNs of any policies to attach to the IAM rolelist(string)false
tagsA map of tags to add the the IAM rolemap(any)false
writeConnectionSecretToRefThe secret which the cloud resource connection will be written towriteConnectionSecretToReffalse

writeConnectionSecretToRef

NameDescriptionTypeRequiredDefault
nameThe secret name which the cloud resource connection will be written tostringtrue
namespaceThe secret namespace which the cloud resource connection will be written tostringfalse