eks-access-entry

This module creates the following resources.

  • aws_eks_access_entry
  • aws_eks_access_policy_association (optional)

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.10 |
| aws | >= 5.42 |

Providers

| Name | Version |
|------|---------|
| aws | 5.50.0 |

Modules

| Name | Source | Version |
|------|--------|---------|
| resource_group | tedilabs/misc/aws//modules/resource-group | ~> 0.10.0 |

Resources

| Name | Type |
|------|------|
| aws_eks_access_entry.this | resource |
| aws_eks_access_policy_association.this | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| cluster_name | (Required) The name of the Amazon EKS cluster in which to create IAM access entries. | `string` | n/a | yes |
| name | (Required) The name of the Amazon EKS access entry. | `string` | n/a | yes |
| principal | (Required) The ARN of one, and only one, existing IAM principal to grant access to Kubernetes objects on the cluster. An IAM principal can't be included in more than one access entry. | `string` | n/a | yes |
| kubernetes_groups | (Optional) A set of groups within the Kubernetes cluster. Only used when `type` is `STANDARD`. | `set(string)` | `[]` | no |
| kubernetes_permissions | (Optional) A list of permissions for the EKS access entry to the EKS cluster. Each item of the `kubernetes_permissions` block is as defined below.<br>(Required) `policy` - The ARN of the access policy that you're associating.<br>(Optional) `scope` - The type of access scope that you're associating. Valid values are `NAMESPACE`, `CLUSTER`. Defaults to `CLUSTER`.<br>(Optional) `namespaces` - A set of namespaces to which the access scope applies. You can enter plain text namespaces, or wildcard namespaces such as `dev-*`. | `list(object({ policy = string, scope = optional(string, "CLUSTER"), namespaces = optional(set(string), []) }))` | `[]` | no |
| kubernetes_username | (Optional) The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. Defaults to the IAM principal ARN. Only used when `type` is `STANDARD`. | `string` | `null` | no |
| module_tags_enabled | (Optional) Whether to create AWS Resource Tags for the module information. | `bool` | `true` | no |
| resource_group_description | (Optional) The description of the Resource Group. | `string` | `"Managed by Terraform."` | no |
| resource_group_enabled | (Optional) Whether to create a Resource Group to find and group AWS resources which are created by this module. | `bool` | `true` | no |
| resource_group_name | (Optional) The name of the Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`. | `string` | `""` | no |
| tags | (Optional) A map of tags to add to all resources. | `map(string)` | `{}` | no |
| timeouts | (Optional) How long to wait for the EKS access entry to be created/deleted. | `object({ create = optional(string, "20m"), delete = optional(string, "40m") })` | `{}` | no |
| type | (Optional) The type of the access entry. Valid values are `EC2_LINUX`, `EC2_WINDOWS`, `FARGATE_LINUX`, `STANDARD`. Defaults to `STANDARD`. | `string` | `"STANDARD"` | no |
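
Example usage of the inputs above, added here and not taken from the module's repository: a cluster-wide admin grant next to a read-only grant scoped to `dev-*` namespaces. The module source path, cluster name, account ID and role names are constructed assumptions; the two policy ARNs are AWS-managed EKS access policies.

```hcl
# Added example, not part of the module's own documentation.
# Assumed values: module source path, cluster name, account ID, role names.

# Broad grant: scope defaults to CLUSTER, so this role is admin everywhere.
# Shown for comparison with the scoped grant below.
module "access_entry_platform_admin" {
  source = "./modules/eks-access-entry" # assumed local path to this module

  cluster_name = "example-cluster"
  name         = "platform-admin"
  principal    = "arn:aws:iam::111122223333:role/platform-admin"

  kubernetes_permissions = [
    {
      policy = "arn:aws:eks::aws:cluster-access-policy/AmazonEKSClusterAdminPolicy"
    }
  ]
}

# Least-privilege grant: read-only, limited to namespaces matching dev-*.
# A separate principal is used because an IAM principal can't be included
# in more than one access entry.
module "access_entry_dev_viewer" {
  source = "./modules/eks-access-entry" # assumed local path to this module

  cluster_name = "example-cluster"
  name         = "dev-viewer"
  principal    = "arn:aws:iam::111122223333:role/dev-viewer"
  type         = "STANDARD"

  # kubernetes_username is left unset so Amazon EKS assigns it,
  # as the input description recommends.
  kubernetes_permissions = [
    {
      policy     = "arn:aws:eks::aws:cluster-access-policy/AmazonEKSViewPolicy"
      scope      = "NAMESPACE"
      namespaces = ["dev-*"]
    }
  ]
}

# Expose what Kubernetes will see for the scoped principal, for review.
output "dev_viewer_permissions" {
  value = module.access_entry_dev_viewer.kubernetes_permissions
}
```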

Outputs

| Name | Description |
|------|-------------|
| arn | The Amazon Resource Name (ARN) of the EKS access entry. |
| cluster_name | The name of the EKS cluster. |
| created_at | Date and time in RFC3339 format that the EKS access entry was created. |
| kubernetes_groups | The authenticated groups in Kubernetes cluster. |
| kubernetes_permissions | The list of permissions for EKS access entry to the EKS cluster. |
| kubernetes_username | The authenticated username in Kubernetes cluster. |
| name | The name of the EKS access entry. |
| principal | The ARN of one, and only one, existing IAM principal to grant access to Kubernetes objects on the cluster. |
| type | The type of the access entry. |
| updated_at | Date and time in RFC3339 format that the EKS access entry was updated. |