diff options
author | Spike <avlampson+git@gmail.com> | 2019-05-09 11:11:39 +0100 |
---|---|---|
committer | Spike <avlampson+git@gmail.com> | 2019-05-09 11:11:39 +0100 |
commit | 3057ba38e7d47b79bd7872e12e70a9f46057a4bc (patch) | |
tree | 30cac368aa975667e025f8b7c2317c6dee5b55e9 /terraform/iam.tf | |
parent | c71b2c2c4231df0486322ad7113084d23fc2c35a (diff) | |
download | sensyne_demo-3057ba38e7d47b79bd7872e12e70a9f46057a4bc.zip sensyne_demo-3057ba38e7d47b79bd7872e12e70a9f46057a4bc.tar.gz sensyne_demo-3057ba38e7d47b79bd7872e12e70a9f46057a4bc.tar.bz2 |
Adding iam role, and security group
Diffstat (limited to 'terraform/iam.tf')
-rw-r--r-- | terraform/iam.tf | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/terraform/iam.tf b/terraform/iam.tf new file mode 100644 index 0000000..0286993 --- /dev/null +++ b/terraform/iam.tf @@ -0,0 +1,28 @@ +resource "aws_iam_role" "sensyne_demo_cluster" { + name = "sensyne_demo_eks_cluster" + + assume_role_policy = <<POLICY +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": "eks.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] +} +POLICY +} + +resource "aws_iam_role_policy_attachment" "demo_cluster_AmazonEKSClusterPolicy" { + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy" + role = "${aws_iam_role.sensyne_demo_cluster.name}" +} + +resource "aws_iam_role_policy_attachment" "demo_cluster_AmazonEKSServicePolicy" { + policy_arn = "arn:aws:iam::aws:policy/AmazonEKSServicePolicy" + role = "${aws_iam_role.sensyne_demo_cluster.name}" +} |